Anomaly Detection Using Adaptive Probability Distribution Modeling
The exponential expansion of IP-based networked services across finance, healthcare, education, and government has intensified the need for effective, real-time anomaly detection mechanisms. Traditional threshold-based and machine-learning-driven systems struggle with dynamic traffic variability, high false-positive rates, and computational inefficiency. This paper proposes a Probability Distribution–Based Anomaly Detection Framework (PD-ADF) that models normal network behavior through univariate and multivariate statistical fitting using Maximum Likelihood Estimation, with the fitted models validated by Kolmogorov–Smirnov and Anderson–Darling tests. Anomalies are identified through adaptive confidence-interval thresholding and probabilistic scoring, enabling fast, resource-efficient detection in large-scale IP environments. Evaluations on NSL-KDD, KDD-Cup ’99, and proprietary enterprise datasets yield an accuracy of 0.96, an F1-score of 0.91, and a false-positive rate of 0.02, surpassing Support Vector Machine and threshold baselines while requiring only 0.1 seconds per observation. The proposed model demonstrates that statistical inference can deliver ML-level precision with significantly lower complexity, offering a scalable, interpretable, and energy-efficient alternative for next-generation cyber-defense infrastructures.
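The pipeline named in the abstract (MLE fit, goodness-of-fit selection, confidence-interval thresholding, probabilistic scoring) can be sketched for a single traffic feature as follows. This is an added example, not the paper's code: the two candidate distributions, the sliding-window refit used for adaptation, the Detector class and the synthetic "bytes per flow" baseline are all assumptions, and only the Kolmogorov-Smirnov check is shown.

```python
import math
from collections import deque
from random import Random
from statistics import NormalDist, fmean, pstdev

def fit_lognormal(xs):
    """MLE for a log-normal: mean and population std of log(x)."""
    logs = [math.log(x) for x in xs]
    dist = NormalDist(fmean(logs), pstdev(logs))
    return lambda x: dist.cdf(math.log(x)) if x > 0 else 0.0

def fit_exponential(xs):
    """MLE for an exponential: rate = 1 / sample mean."""
    rate = 1.0 / fmean(xs)
    return lambda x: 1.0 - math.exp(-rate * x) if x > 0 else 0.0

def ks_statistic(xs, cdf):
    """Kolmogorov-Smirnov distance between empirical and fitted CDF."""
    xs, n = sorted(xs), len(xs)
    return max(max((i + 1) / n - cdf(x), cdf(x) - i / n) for i, x in enumerate(xs))

CANDIDATES = {"lognormal": fit_lognormal, "exponential": fit_exponential}

class Detector:  # hypothetical name, not from the paper
    def __init__(self, baseline, alpha=0.01, window=500):
        self.alpha = alpha
        self.window = deque(baseline, maxlen=window)
        self.refit()

    def refit(self):
        """Re-estimate each candidate on the window; keep the best KS fit."""
        fits = {name: fit(self.window) for name, fit in CANDIDATES.items()}
        self.name = min(fits, key=lambda k: ks_statistic(self.window, fits[k]))
        self.cdf = fits[self.name]

    def score(self, x):
        """Two-sided tail probability of x under the fitted model."""
        p = self.cdf(x)
        return 2.0 * min(p, 1.0 - p)

    def observe(self, x):
        """Flag x if outside the central (1 - alpha) interval, else absorb it."""
        anomalous = self.score(x) < self.alpha
        if not anomalous:  # assumption: only normal traffic updates the model
            self.window.append(x)
            self.refit()  # refit per observation for clarity; batch in practice
        return anomalous

# Constructed baseline: 500 synthetic "bytes per flow" values.
BASELINE = [Random(7).lognormvariate(6.0, 0.5) for _ in range(1)] and \
    (lambda r: [r.lognormvariate(6.0, 0.5) for _ in range(500)])(Random(7))
```

Keeping flagged observations out of the window stops a sustained anomaly from being absorbed into the baseline, at the cost of slower adaptation to a genuine shift in traffic.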

This work is licensed under a Creative Commons Attribution 4.0 International License.