Tutorials

Tutorial 4: Monday - August 27, 2012

Network Anomaly Detection: from basics to advanced methods

	Christian Callegari Professor University of Pisa, Pisa Italy
Abstract: This tutorial provides an overview of the most relevant statistical approaches for network anomaly detection. In the first part, starting from the seminal work by Denning, the basic concepts about anomaly detection will be introduced. In the second part of the tutorial, some of the most recent and relevant works about statistical anomaly detection will be discussed. For each of the presented methods the description of the theoretical background, focusing on why the method should be effective in detecting network anomalies, will be accompanied by a discussion on the anomalies that can be detected and on the achievable results. Short Bio. `Christian CALLEGARI was born in La Spezia, Italy, in 1980. He received the B.E. and the M.E. degrees in telecommunications engineering and the PhD degree in information engineering from the University of Pisa, Pisa, Italy, in 2002, 2004, and 2008, respectively. He was recipient of a scholarship issued by the Italian Ministry of Education for his PhD program.` `Since 2005, he has been with the Department of Information Engineering at the University of Pisa. In 2006/07, he was a visiting student research collaborator at the Department of Computer Science at ENST Bretagne, France.` Dr. Callegari is currently a post-doc research fellow at the Department of Information Engineering of the University of Pisa, and a teaching assistant at the University of Pisa for the Network Security course of the M.E. degree in telecommunications engineering and for the Architectures, Components and Network Services course of the Master degree in Computer Science and Networking . Moreover he has given lectures about Anomaly Detection and statistical traffic classification in the framework of several PhD corse (both the national and international level) and he has also given several tutorials about anomaly detection in leading international conferences. His research interests are in the area of network security, statistical traffic classification, and network simulation. He has participated to several research projects, both at national level (PRIN â€“ Progetto di Ricerca di Interesse Nazionale â€“ funded by the Italian Ministry for Research and Education) and European level (STREP and IP funded by the European Community). Moreover, he has co-authored more than 50 papers presented in leading international journals and conferences. He is the general chair of the international workshop on traffic analysis and classification (TRAC) and the organizer of several invited sessions in leading international conferences. Moreover he is member of the editorial board of the Central European Journal of Engineering, Versita/Springer and he serves as a TPC member for several international conferences (e.g., IEEE Globecom and IEEE ICC) and as a reviewer for several international journals (e.g., IEEE Communication surveys and tutorials, Wiley Security and Communication Networks, Wiley International Journal of Communication System, Elsevier Computer Networks Journal, Elsevier Computer Communication) and conferences.

Christian Callegari

Professor

University of Pisa, Pisa

Italy

Abstract:

This tutorial provides an overview of the most relevant statistical approaches for network anomaly detection. In the first part, starting from the seminal work by Denning, the basic concepts about anomaly detection will be introduced. In the second part of the tutorial, some of the most recent and relevant works about statistical anomaly detection will be discussed. For each of the presented methods the description of the theoretical background, focusing on why the method should be effective in detecting network anomalies, will be accompanied by a discussion on the anomalies that can be detected and on the achievable results.

Short Bio.

Christian CALLEGARI was born in La Spezia, Italy, in 1980. He received the B.E. and the M.E. degrees in telecommunications engineering and the PhD degree in information engineering from the University of Pisa, Pisa, Italy, in 2002, 2004, and 2008, respectively. He was recipient of a scholarship issued by the Italian Ministry of Education for his PhD program.

Since 2005, he has been with the Department of Information Engineering at the University of Pisa. In 2006/07, he was a visiting student research collaborator at the Department of Computer Science at ENST Bretagne, France.

Dr. Callegari is currently a post-doc research fellow at the Department of Information Engineering of the University of Pisa, and a teaching assistant at the University of Pisa for the Network Security course of the M.E. degree in telecommunications engineering and for the Architectures, Components and Network Services course of the Master degree in Computer Science and Networking . Moreover he has given lectures about Anomaly Detection and statistical traffic classification in the framework of several PhD corse (both the national and international level) and he has also given several tutorials about anomaly detection in leading international conferences.

His research interests are in the area of network security, statistical traffic classification, and network simulation. He has participated to several research projects, both at national level (PRIN â€“ Progetto di Ricerca di Interesse Nazionale â€“ funded by the Italian Ministry for Research and Education) and European level (STREP and IP funded by the European Community). Moreover, he has co-authored more than 50 papers presented in leading international journals and conferences. He is the general chair of the international workshop on traffic analysis and classification (TRAC) and the organizer of several invited sessions in leading international conferences. Moreover he is member of the editorial board of the Central European Journal of Engineering, Versita/Springer and he serves as a TPC member for several international conferences (e.g., IEEE Globecom and IEEE ICC) and as a reviewer for several international journals (e.g., IEEE Communication surveys and tutorials, Wiley Security and Communication Networks, Wiley International Journal of Communication System, Elsevier Computer Networks Journal, Elsevier Computer Communication) and conferences.