Title: Distributed PCA and network anomaly detection
Place: BY 660; Friday 9/1; 10:30--11:30AM
Abstract:
We consider the problem of network anomaly detection given
the data collected and processed over large distributed systems.
Our algorithmic framework can be seen as a distributed
version of the well-known principal component analysis
method, which is concerned with tracking the behavior
of the data projected onto the residual subspace of the principal
components. Our approach consists of a protocol for
local processing at individual monitoring devices and
global decision-making and feedback at a coordinator.
A key ingredient of our framework is an analytical
method based on stochastic matrix perturbation theory for
balancing the tradeoff between the accuracy of network anomaly
detection, and the amount of data communication over the
network. This is joint work with Ling Huang, Minos Garofalakis,
Joseph Hellerstein, Michael Jordan, Anthony Joseph and Nina Taft.