Non-Parametric Statistical Diagnosis

Brodsky, Boris; Darkhovsky, B. S.

doi:10.1007/978-94-015-9530-8

Cited by 93 publications

(25 citation statements)

References 147 publications

(240 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As argued by both Carlstein et al (1994) and Brodsky and Darkhovsky (2000), in most cases detecting changes of a time-evolving statistical quantity may be reduced to the detection of changes in the mean of a new sequence derived from the initial one. Thus, we in Hawkins (2001), a computationally efficient dynamic programming algorithm for changepoint estimation may be devised when a prior assumption of order-structure between the segments is satisfied and therefore consists in restricting the change-point locations search to a pre-specified set.…”

Section: Introductionmentioning

confidence: 99%

Multiple Change-Point Estimation With a Total Variation Penalty

Harchaoui

Lévy‐Leduc

2010

Journal of the American Statistical Association

257

289

View full text Add to dashboard Cite

Abstract. We propose a new approach for dealing with the estimation of the location of change-points in one-dimensional piecewise constant signals observed in white noise.Our approach consists in reframing this task in a variable selection context. We use a penalized least-square criterion with a ℓ 1 -type penalty for this purpose. We explain how to implement this method in practice by using the LARS/LASSO algorithm. We then prove that, in an appropriate asymptotic framework, this method provides consistent estimators of the change-points with an almost optimal rate. We finally provide an improved practical version of this method by combining it with a reduced version of the dynamic programming algorithm and we successfully compare it with classical methods.

show abstract

Section: Introductionmentioning

confidence: 99%

Multiple Change-Point Estimation With a Total Variation Penalty

Harchaoui

Lévy‐Leduc

2010

Journal of the American Statistical Association

257

289

View full text Add to dashboard Cite

show abstract

“…Accordingly, Vanguard first locates any abrupt change in each indicator, and raises the alarm if the indicator I Ratio , or both indicators I ACK and I Dis are found to be abnormal. The CUSUM, a non-parametric change point detection algorithm [40], is used to capture abrupt changes in the sequences {I ACK (n)}, {I Ratio (n)}, and {I Dis (n)}. This algorithm assumes that the mean of the variables being monitored will change from negative to positive.…”

Section: B Vanguard: a New Detection Schemementioning

confidence: 99%

“…After that, the burden of computing indicator III is determined by B, which is the number of bins and is usually less than the number of samples (N ) in each detection window. The CUSUM algorithm's complexity is Θ(1) [40]. Therefore, the complexity of Vanguard is Θ(N ).…”

Section: Other Detection Schemesmentioning

confidence: 99%

Vanguard: A New Detection Scheme for a Class of TCP-targeted Denial-of-Service Attacks

Wang

Chan

Chang

2006

2006 IEEE/IFIP Network Operations and Management Symposium NOMS 2006

View full text Add to dashboard Cite

Abstract-A few low-rate, TCP-targeted Denial-ofService (DoS) attacks have been recently proposed, including the Shrew attack, Reduction of Quality (RoQ) attack, and Pulsing DoS (PDoS) attack. All of them use periodic attack pulses to throttle TCP flows. These attacks could potentially become major threats to the Internet's stabiliity and therefore they have motivated the development of a number of detection mechanisms for such attacks. However, those detection mechanisms are designed for specific attacks. Moreover, they assume that the period of the attack pulses is a nonzero constant. Unfortunately, these assumptions can be easily thwarted by more sophisticated attack strategies. In this paper, we propose a new detection system called Vanguard to identify a wide range of the aforementioned low-rate, DoS attacks, including the traditional flooding-based attacks as a special case. Vanguard can also detect attacks with randomized attack periods. We have validated Vanguard's efficacy based on extensive test-bed experiments. We have also compared Vanguard with other recently proposed detection systems.

show abstract

“…This problem can be addressed from a sequential (online) [13] or from a retrospective (off-line) [2] point of view. Many off-line approaches are based on the dynamic programming algorithm which retrieves K change-points within n observations of a one-dimensional signal with a complexity of O(Kn 2 ) in time [7].…”

Section: Introductionmentioning

confidence: 99%