Network Anomaly Detection using Choquet Integrals through Power Measures

DOI: https://doi.org/10.5753/errc.2024.4584

Abstract


This paper evaluates anomaly detection using Choquet integrals and power measure metrics. The main goal was to check the effectiveness of the detection model by considering different sizes of sliding windows. Error analysis showed that the power measure metrics performed better, especially with smaller sliding windows. With the implementation of an attack simulation system, the model showed higher accuracy and efficiency in scenarios with reduced windows, improving the detection of attacks. The results suggest that the strategy based on smaller sliding windows is more suitable for contexts with high volatility and sudden traffic changes.

Keywords: Anomaly detection, Choquet integrals, Power measures, Sliding windows

References

Dalmazo, B. L.; Vilela, J. P.; Curado, M. Performance analysis of network traffic predictors in the cloud. Journal of Network and Systems Management, Springer, v. 25, p. 290–320, 2017.

Reglitz, M. The human right to free internet access. Journal of Applied Philosophy, Wiley Online Library, v. 37, n. 2, p. 314–331, 2020.

Zeufack, V. et al. An unsupervised anomaly detection framework for detecting anomalies in real time through network system’s log files analysis. High-Confidence Computing, Elsevier, v. 1, n. 2, p. 100030, 2021.

Detecção de Anomalias com Integrais de Choquet e Medidas de Potência Ayres et al. 2024 4 Santo, Y. et al. Fault Detection on the Edge and Adaptive Communication for State of Alert in Industrial Internet of Things. Sensors, v. 23, n. 7, 2023. ISSN 1424-8220. DOI: 10.3390/s23073544. Disponível em: [link].

Dalmazo, B. L.; Vilela, J. P.; Curado, M. Triple-Similarity Mechanism for alarm management in the cloud. Computers & Security, v. 78, p. 33–42, 2018. ISSN 0167-4048. DOI: 10.1016/j.cose.2018.05.016. Disponível em: [link].

Amorim, M. et al. Systematic Review of Aggregation Functions Applied to Image Edge Detection. Axioms, v. 12, n. 4, 2023. ISSN 2075-1680. DOI: 10.3390/axioms1.2040330. Disponível em: [link].

Cardoso, F. C. et al. Echo state network and classical statistical techniques for time series forecasting: A review. Knowledge-Based Systems, v. 293, p. 111639, 2024. ISSN 0950-7051. DOI: 10.1016/j.knosys.2024.111639. Disponível em: [link].

Yuan, Z. et al. Anomaly detection based on weighted fuzzy-rough density. Applied Soft Computing, v. 134, p. 109995, 2023. ISSN 1568-4946. DOI: 10.1016/j.asoc.2023.109995. Disponível em: [link].

Ayres, D. et al. Comparando Médias Móveis com Integral de Choquet para Detectar Anomalias no Tráfego de Redes. In: ANAIS Estendidos do XXIV Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais. São José dos Campos/SP: SBC, 2024. P. 353–357. DOI: 10.5753/sbseg_estendido.2024.243381. Disponível em: [link].

Murofushi, T.; Sugeno, M.; Machida, M. Non-monotonic fuzzy measures and the Choquet integral. Fuzzy Sets and Systems, v. 64, n. 1, p. 73–86, 1994.

Barrenechea, E. et al. Using the Choquet Integral in the Fuzzy Reasoning Method of Fuzzy Rule-Based Classification Systems. Axioms, v. 2, n. 2, p. 208–223, 2013.

Lucca, G. et al. Analyzing the performance of different fuzzy measures with generalizations of the Choquet integral in classification problems. In: 2019 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE). Jun. 2019. P. 1–6. DOI: 10.1109/FUZZ-IEEE.2019.8858815.
Published
2024-11-27
How to Cite

Select a Format
AYRES, Denner; QUEVEDO, Abreu; DIMURO, Graçaliz; LUCCA, Giancarlo; DALMAZO, Bruno L.. Network Anomaly Detection using Choquet Integrals through Power Measures. In: REGIONAL SCHOOL OF COMPUTER NETWORKS (ERRC), 21. , 2024, Rio Grande/RS. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2024 . p. 129-134. DOI: https://doi.org/10.5753/errc.2024.4584.