Abstract: Malicious activities on the Internet are commonly shown in Internet traffics. Anomalies like DDos, Worm, flooding attack, etc are defined as any deviation from the normal and something which are outside the usual range of variations. These anomalies consume network resources and lead to security issues such as confidentiality, integrity and availability. Anomaly detection is one of the data mining tasks which are the analysis of large volumes of data to determine items, events or observations which do not belong to unexpected patterns. Data mining techniques can be used in anomaly detection such as k-means clustering, artificial neural networks. Network traffic is an example of data stream which characterize as continues, massive and rapid sequence of data. Thus Mining such application need techniques which are different from traditional data mining techniques. These techniques must be able to process data which is continues, high speed and you can look at only once. This paper shows overview of anomaly detection framework, the growing field of data stream and presents techniques of stream data mining which are used for anomaly detection in network traffic.
Wesam S. Bhaya and Suad A. Alasadi, 2016. Anomaly Detection in Network Traffic Using Stream Data Mining: Review. Research Journal of Applied Sciences, 11: 1076-1082.