Analysis of contemporary methods for detecting anomalies in computer networks




anomaly, anomaly detection methods, computer network


The definition of the concept of anomaly is analyzed, the reasons for their occurrence and possible impact on computer networks are briefly described. Еhree types of anomalies are considered: individual (point), contextual and group anomalies. It is also described on the basis of which characteristics abnormal behavior is detected. Classifications of anomaly detection methods described in the scientific literature are given. Standard statistical methods, methods based on clustering and methods based on classification are considered.


Julian Jang-Jaccard, Surya Nepal. A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences. 2014. V. 80, Iss. 5. P. 973–993.

Khraisat, A., Gondal, I., Vamplew, P. et al. Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity. 2019. V. 2. 22 p.

Корченко А. Методи ідентифікації аномальних станів для систем виявлення вторгнень. Монографія. Київ: ЦП «Компринт», 2019. 361 с.

Packet Clearing House, Internet exchange point directory reports. URL:

Fu, Zeyuan. Computer Network Intrusion Anomaly Detection with Recurrent Neural Network. Mobile Information Systems. 2022. P. 1–11.

Chandola V., Banerjee A., Kumar V. Anomaly Detection: A Survey. ACM Comput. Surv. 2009. V. 41. 72 p.

Чемерис К.М., Дейнега Л.Ю. Застосування методу вейвлет-аналізу для виявлення атак в мережах. Наука і техніка Повітряних Сил Збройних Сил України. 2022. № 1(46). С. 99–107.

Ali A., Khan M., Azam S., Bukhari H., Mahmood W. ADAM: A Practical Approach for Detecting Network Anomalies Using PCA. National Conference on Emerging Technologies / 2004. P. 44–47.

An Trung Tran. Network Anomaly Detection. Seminar Innovative Internet Technologies and Mobile Communications SS2017 / 2017. P. 55–61.

Foorthuis R. On the nature and types of anomalies: a review of deviations in data. Int J Data Sci Anal. 2021. № 12. P. 297–331.

Baddar S., Merlo A., Migliardi M. Anomaly Detection in Computer Networks: A State-of-the-Art Review. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA). 2014. № 5. P. 29–64.

Mohiuddin A., Abdun N.M., Jiankun H. A survey of network anomaly detection techniques. Journal of Network and Computer Applications. 2016. V. 60. P. 19–31.

Bhuyan M.H., Bhattacharyya D.K., Kalita J.K. Network Anomaly Detection: Methods, Systems and Tools. IEEE Communications Surveys & Tutorials. 2014. V. 16, №. 1. P. 303–336.

Molina-Coronado B., Mori U., Mendiburu A., Miguel-Alonso J. Survey of Network Intrusion Detection Methods from the Perspective of the Knowledge Discovery in Databases Process. – 36 p.

Fernandes G., Rodrigues J.J.P.C., Carvalho L.F. et al. A comprehensive survey on network anomaly detection. Telecommun Syst. 2019. № 70. Р. 447–489.

Thottan M., Ji C. Anomaly Detection in IP Networks. IEEE Transactions On Signal Processing. 2003. V. 51, № 8. Р. 2191–2204.

Naseer S., et al. Enhanced Network Anomaly Detection Based on Deep Neural Networks. IEEE Access. 2018. V. 6. P. 48231–48246.

Rafferty M., Brogan P., Hastings J., Laverty D.M., Liu X., Khan R. Local Anomaly Detection by Application of Regression Analysis on PMU Data. 2018. Р. 1-5.

Kind A., Stoecklin M.P., Dimitropoulos X. Histogram-based traffic anomaly detection. IEEE Transactions on Network and Service Management. 2009. V. 6, № 2. Р. 110–121.

Cohen A., Atoui. M.A.A. On Wavelet-based Statistical Process Monitoring. Transactions of the Institute of Measurement and Control. 2022. № 44 (3). Р. 525–538.

Lu W., Ghorbani A. Network Anomaly Detection Based on Wavelet Analysis. EURASIP J. Adv. Sig. Proc / 2009. 16 р.

Munz G., Li S., Carle G. Traffic Anomaly Detection Using K-Means Clustering. 2007. 8 p.

Syarif I., Prugel-Bennett A., Wills G. Unsupervised clustering approach for network anomaly detection. 2022. 11 p.

Çelik M., Dadaşer-Çelik F., Dokuz A.Ş. Anomaly detection in temperature data using DBSCAN algorithm. International Symposium on Innovations in Intelligent Systems and Applications / 2011. P. 91–95.

Chen Z., Li Y.F. Anomaly Detection Based on Enhanced DBScan Algorithm. Procedia Engineering. 2011. V. 15. P. 178–182.

Dang T.T., Ngan H.Y.T., Liu W. Distance-based k-nearest neighbors outlier detection method in large-scale traffic data. 2015 IEEE International Conference on Digital Signal Processing (DSP) / Singapore, 2015. P. 507–510.

Catania C.A., Bromberg F., Garino C.G. An autonomous labeling approach to support vector machines algorithms for network traffic anomaly detection. Expert Systems with Applications.2012. V. 39, Iss. 2. P. 1822–1829.