ABSTRACT

This chapter introduces a few methods for network anomaly detection. We provide a comprehensive presentation of the methods and their strengths and weaknesses, and we highlight research issues and challenges. Following our discussion in Chapter 4 of the availability and use of labeled data and of the technical approaches used, we structure the discussion in this chapter into six distinct categories: supervised, unsupervised, probabilistic, soft computing, knowledge-based and hybrid. This chapter also introduces a taxonomy of existing network anomaly detection methods to support a consistent description of the methods.