30-08-2017, 02:27 PM
For a computer network in the age of large data, a behavioral anomaly detection system is discussed which allows to analyze and detect the behavior of anomalous traffic immediately. Many sensor devices connect to the network and tend to generate their application traffic at a fairly low communication speed. In order to observe in a short space of time the traffic information necessary for the traffic analysis, the monitoring system integrates traffic statistics of flows sent from devices that are considered to generate the same application. Detects behavior of anomaly traffic based on the analysis of applications using NMF (Non-negative Matrix Factorisation).