Iterative Principal Component Analysis (IPCA) for Network Anomaly Detection

It appears your Web browser is not configured to display PDF files. Download adobe Acrobat or click here to download the PDF file.

Click here to download the PDF file.


Delimargas, Athanasios




Due to a plethora of network anomalies and their rapid increase both in complexity and diversity, an ongoing research for security countermeasures is emerging. Princi- pal Component Analysis (PCA) is one of the several methods that were suggested in order to detect such anomalies and is known as a powerful tool in finding and diagnosing anomalies in network traffic. Nonetheless, previous relevant research work highlighted some inconsistencies of the classical method. It has been shown that the efficiency of the results are highly dependent to the input data and the calibration of its parameters. These parameters should be carefully selected in order to pinpoint the existence of anomalies in network traffic. By obtaining real network traffic traces from a small enterprise and artificially injecting anomalies, we apply a modified PCA based method. The results of our experimentation imply that this method possesses promising capabilities in efficiently detecting network anomalies and manages to sur- pass some of the limitations of the classic approach.


Information Science




Carleton University

Thesis Degree Name: 

Master of Applied Science: 

Thesis Degree Level: 


Thesis Degree Discipline: 

Engineering, Electrical and Computer

Parent Collection: 

Theses and Dissertations

Items in CURVE are protected by copyright, with all rights reserved, unless otherwise indicated. They are made available with permission from the author(s).