Poison Attack and Defense Strategies on PCA-Based Anomaly Detector

QIAN Ye-kui; CHEN Ming

您当前的位置：

首页 >

文章列表页 >

Poison Attack and Defense Strategies on PCA-Based Anomaly Detector

更新时间：2025-07-16

- Poison Attack and Defense Strategies on PCA-Based Anomaly Detector
- Acta Electronica Sinica Vol. 39, Issue 3, Pages: 543-548(2011)
- 作者机构：
  
  1. 解放军理工大学指挥自动化学院,江苏,南京,210007
  2. 解放军防空兵指挥学院,河南,郑州,450052
  3. 解放军理工大学指挥自动化学院江苏南京,210007
  4. 解放军防空兵指挥学院河南郑州,450052
- 作者简介：
- 基金信息：
- DOI：
  CLC： TP393
- Published：2011
- 稿件说明：
移动端阅览
QIAN Ye-kui, CHEN Ming. Poison Attack and Defense Strategies on PCA-Based Anomaly Detector[J]. Acta Electronica Sinica, 2011, 39(3): 543-548.
DOI：

QIAN Ye-kui, CHEN Ming. Poison Attack and Defense Strategies on PCA-Based Anomaly Detector[J]. Acta Electronica Sinica, 2011, 39(3): 543-548. DOI：

摘要

网络流量异常检测对于保证网络稳定高效运行极为重要.目前基于主成分分析(PCA)的全网络异常检测算法虽然发挥了关键作用

但它还存在着受毒害攻击而失效的问题.为此

深入分析了毒害攻击的机制并对其进行了分类

提出了量化毒害流量的两个测度

并给出了3种新的毒害攻击机制;提出了一种基于健壮PCA的异常检测算法RPCA以抵御毒害攻击.模拟试验结果表明

RPCA算法在受到多种毒害攻击时仍然具有很好的检测性能

明显优于PCA异常检测器

且运行时间能够满足实际网络异常检测的需求.

Abstract

Network traffic anomaly detection is crucial to guarantee stable and effective network operation.Nowadays

although PCA-based network-wide anomaly detector plays an important role

it cannot detect anomalous network traffic effectively in face of poison attacks.In order to solve poison attack problem aiming at PCA-based anomaly detector

poison attack strategies are investigated and classified

two metrics for quantifying poison traffic are proposed and three novel poison attack strategies are put forward.A robust PCA-based anomaly detection algorithm (for short RPCA) is proposed to resist poison attacks.Simulation experiment results show that RPCA algorithm can still perform very well in face of poison attacks

obviously superior to PCA-based anomaly detector

and its running time can satisfy the need of practical network anomaly detection.

关键词

Keywords

references

Views

1414

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Variable Horizon Multi-Directional Scanning Method for Time Series Anomaly Detection

Unsupervised Image Anomaly Detection Based on Constrained BidiRectional Distillation

A Vehicle Trajectory Anomaly Detection Method Based on Noise Label Re-Weighting

A Survey of Network Attack Investigation Based on Provenance Graph

Improved Adaptive Model Pools for Online Anomaly Detection Algorithms

Related Author

HUANG Yu-zhe

GUAN Yong-yuan

WEI Song-jie

LI Bo

LI Ze-chao

XING Peng

TANG Jin-hui

SU YUE-yang

Related Institution

School of Computer Science and Engineering, School of Cyber Science and Engineering, Nanjing University of Science and Technology

School of Computer Science and Engineering, Nanjing University of Science and Technology

Institute of Computing Technology, Chinese Academy of Sciences

University of Chinese Academy of Sciences

Department of Computer Science and Engineering,Shanghai Jiaotong University

⁰