<![CDATA[Possibility theory can be used as a suitable frameworkto build a normal behavioral model for an anomaly detector.Based on linear and/or nonlinear systems, sub-optimal filteringapproaches based on the Extended Kalman Filter and the UnscentedKalman Filter are calibrated for entropy reduction andcould be a good basis to find a suitable model to build a decisionvariable where, a decision process can be applied to identifyanomalous events. Sophisticated fuzzy clustering algorithms canbe used to find a set of clusters built on the decision variable,where anomalies might happen inside a few of them. To achievean efficient detection step, a robust decision scheme is built, bymeans of possibility distributions, to separate the clusters intonormal and abnormal spaces. We had studied the false alarmrate vs. detection rate trade-off by means of ROC (ReceiverOperating Characteristic) curves to show the results. We validatethe approach over different realistic network traffic.]]>
Copyrights © 2014
