A survey of network anomaly detection techniques

• Maps different types of anomalies with network attacks.
• Provides an up-to-date taxonomy of network anomaly detection.
• Evaluates effectiveness of different categories of techniques.
• Explores recent research related to publicly available network intrusion evaluation datasets.

Information and Communication Technology (ICT) has a great impact on social wellbeing, economic growth and national security in todays world. Generally, ICT includes computers, mobile communication devices and networks. ICT is also embraced by a group of people with malicious intent, also known as network intruders, cyber criminals, etc. Confronting these detrimental cyber activities is one of the international priorities and important research area. Anomaly detection is an important data analysis task which is useful for identifying the network intrusions. This paper presents an in-depth analysis of four major categories of anomaly detection techniques which include classification, statistical, information theory and clustering. The paper also discusses research challenges with the datasets used for network intrusion detection.