Contextual Anomaly Detection Methods for Addressing Intrusion Detection

Florian Gottwalt, Elizabeth J. Chang, Tharam S. Dillon
Copyright: © 2021 | Pages: 31
ISBN13: 9781799857280 | ISBN10: 179985728X | EISBN13: 9781799857297
DOI: 10.4018/978-1-7998-5728-0.ch009

MLA

Gottwalt, Florian, et al. "Contextual Anomaly Detection Methods for Addressing Intrusion Detection." Handbook of Research on Cyber Crime and Information Privacy, edited by Maria Manuela Cruz-Cunha and Nuno Mateus-Coelho, IGI Global, 2021, pp. 151-181. https://doi.org/10.4018/978-1-7998-5728-0.ch009

APA

Gottwalt, F., Chang, E. J., & Dillon, T. S. (2021). Contextual Anomaly Detection Methods for Addressing Intrusion Detection. In M. Cruz-Cunha & N. Mateus-Coelho (Eds.), Handbook of Research on Cyber Crime and Information Privacy (pp. 151-181). IGI Global. https://doi.org/10.4018/978-1-7998-5728-0.ch009

Chicago

Gottwalt, Florian, Elizabeth J. Chang, and Tharam S. Dillon. "Contextual Anomaly Detection Methods for Addressing Intrusion Detection." In Handbook of Research on Cyber Crime and Information Privacy, edited by Maria Manuela Cruz-Cunha and Nuno Mateus-Coelho, 151-181. Hershey, PA: IGI Global, 2021. https://doi.org/10.4018/978-1-7998-5728-0.ch009


Abstract

One promising method to detect cyber-crime is anomaly detection, which enables one to detect new, unseen attacks. Despite this ability, anomaly detection methods have only limited utilization in practice, due to the high number of false alarms generated. Recent research has shown that the number of false alarms can be reduced drastically by considering the context in which these alarms occur. However, important questions include: What does context mean in the realm of anomaly detection? How can it be incorporated to identify potential cyber-crime? To address these questions, this chapter provides novel definitions of context and contextual anomaly detection methods. Based on these, a new taxonomy is proposed for contextual anomaly detection methods, which organizes the methods by the specific problems they address. Further, the chapter highlights the potential of contextual anomaly detection for the reduction of false alarms, particularly for network anomaly detection, and provides an introduction and holistic overview of the field for professionals and researchers.
