信息理论和网络异常检测代数方法Information Theo-retic and Alge-braic Methods for Network Anomaly Detection |
|
课程网址: | http://videolectures.net/mmdss07_tishby_itam/ |
主讲教师: | Naftali Tishby |
开课单位: | 耶路撒冷希伯来大学 |
开课时间: | 2007-11-26 |
课程语种: | 英语 |
中文简介: | 本教程将讨论两个核心问题:(i)分布式网络中提取预测统计的信息理论原理和算法;(i i)网络异常检测的代数和谱方法。第一部分将讨论预测信息的概念,即过程的过去和未来之间的相互信息,它的次广泛属性,以及从数据中估计它的算法。我们将认为,信息理论上的可预测性量化了过程的复杂性,并为检测提供了有效的方法。过程中的异常和意外。利用信息瓶颈算法,可以从过程的过去到未来提取足够的近似统计信息,并将其作为多时间尺度上的异常检测器。在第二部分中,我们将讨论使用光谱方法(分布式PCA和网络拉普拉斯分析)分析网络活动的方法,以识别连接网络组件的规则时间模式。结合这两种方法,我们将为网络异常检测器的安全性提出新的技术建议。 |
课程简介: | The tutorial will discuss two central issues: (i) Information Theoretic principles and algorithms for extracting predictive statistics in distributed networks and (ii) algebraic and spectral methods for network anomaly detection. The first part will deal with the concept of predictive information - the mutual information between the past and future of a process, its sub-extensive properties, and algorithms for estimating it from data.We will argue that the information theoretic predictability quantifies the complexity of a process and provides effective ways for detecting anomalies and surprises in the process. Using the Information Bottleneck algorithms one can extract approximate sufficient statistics from the past to the future of the process and use them as anomaly detectors on multiple time scales. In the second part we will discuss ways for analyzing network activity using spectral methods (distributed PCA and network Laplacian analysis) for identifying regular temporal patterns of connected network components. By combining the two approaches, we will suggest new techniques for network anomaly detectors for security. |
关 键 词: | 信息理论; 分布式网络; 网络异常检测; 信息瓶颈算法; 异常检测器 |
课程来源: | 视频讲座网 |
最后编审: | 2020-06-06:毛岱琦(课程编辑志愿者) |
阅读次数: | 125 |