Skip to Main Content
Network anomalies usually refer to the conditions when network operations diverge from the normal behavior. Anomaly detection in an IP network is a very complex task, because it is dependent upon the nature of the data that is available for the analysis. In this paper we have given the overview of two statistical based anomaly detection algorithms that are adaptive threshold algorithm and cumulative SUM algorithm especially with respect to the anomaly that is occurred due to SYN flooding attacks. In the case of high intensity SYN flooding attacks both were good and have less false alarm ratio where as in the case of low intensity attacks adaptive threshold algorithm performance degrade and shows high false alarm where as in the case of cumulative sum algorithm its performance remain same with lesser false alarm ratio.