Network anomaly detection is very important in order to guarantee the reliable operation of network.Existing methods only utilize temporal correlation or spatial correlation of network traffic individually. Aiming at this deficiency, this paper considers the spatio-temporal correlation of traffic matrix together and puts forward a network-wide anomaly detection method based on MSPCA. The method utilizes the multiscale modeling ability of wavelet transform and dimensionality reduction ability comprehensively to model normal network traffic, and then analyzes residual traffic using Shewart and EWMA control charts. In addition, the MSPCA anomaly detection method is extended to online MSPCA anomaly detection method through applying gliding window mechanism.Real Internet measurement data analyses and simulation experiment analyses show that the detection performance of MSPCA algorithm is superior to PCA algorithm and KLE algorithm proposed recently. Analyses also show that the detection performance of online MSPCA algorithm is close to MSPCA algorithm, and the single step execution time of online MSPCA algorithm is very short, which can fully meet the need of real-time detection.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.