Off-campus UMass Amherst users: To download campus access dissterations, please use the following link to log into our proxy server with your UMass Amherst user name and password.

Non-UMass Amherst users: Please talk to your librarian about requesting this dissertation through interlibrary loan.

Dissertations that have an embargo placed on them will not be available to anyone until the embargo expires.

Document Type

Open Access

Degree Program

Electrical & Computer Engineering

Degree Type

Master of Science in Electrical and Computer Engineering (M.S.E.C.E.)

Year Degree Awarded

January 2007

Month Degree Awarded

September

Keywords

anomaly, anomaly detection, parallel, detection, multiple, algorithms

Abstract

The main objective of the thesis is to show that multiple anomaly detection algorithms can be implemented in parallel to effectively characterize the type of traffic causing the abnormal behavior. The logs are obtained by running six anomaly detection algorithms in parallel on the Network Processor. Further, a hierarchical tree representation is defined which illustrates the state of traffic in real-time. The nodes represent a particular subset of traffic and each of the nodes calculate the aggregate for the traffic represented by the node, given the output from all the algorithms. The greater the aggregate, the darker the node indicating an anomaly. The visual representation makes it easy for an operator to distinguish between anomalous and non-anomalous nodes.

Share

COinS
 

Advisor(s) or Committee Chair

Wolf, Tilman