Collaborative Network Traffic Analysis Via Alternating Direction Method Of Multipliers

As one of the hot issues in the research on complicated network, collaborative network traffic analysis plays a core role in improving network performance, analyzing network behaviors and predicting abnormal traffic, especially from large-scale network data sets. Several approaches on flow-level traffic data analysis have been proposed about analyzing the structure and situation of the network. Different from the state-of-the-art, we first propose a new decomposition model based on the alternating direction method of multipliers for packet-level traffic data. In addition, we present the iterative scheme of the algorithm for network anomaly detection problem, which is termed NTA-ADMM. Based on this approach, we can carry out intrusion detection for packet-level network traffic data, no matter whether it is polluted by noise or not. Finally, we design a prototype system for network anomaly detection such as unauthorized access from a remote machine to a local machine (R2L) attack and so on. The experiments have shown that our approach is effective in revealing the patterns of network traffic data and detecting attacks from large-scale network traffic. Moreover, the experiments have demonstrated the robustness of the algorithm even when the network traffic is polluted by the large volume anomalies and noise.