Abstract
Multivariate Statistical Network Monitoring (MSNM) is a methodology that leverages PCA processing of information to provide insight on multiple variables evolution, raising very good detection results that outperforms other current methods. Regretfully, as any other detection approach, it imposes a considerable burden due to the need to transfer traffic-related data. In this paper, we suggest a hierarchical approach for MSNM with two main benefits: it minimizes the amount of data to be transferred through the network, and it provides privacy capabilities. We test the feasibility as well as the detection performance of the proposal within an experimental environment, obtaining detection results that are similar to non-hierarchical MSNM, but exhibiting a considerable reduction in the amount of information sent through the network.
Rafael A. Rodríguez-Gómez
Associate Professor
My research interests include network security, the early detection of new threats and adversarial machine learning attacks-defense methods in the cybersecurity field.