Anomaly Detection in Networks Using Noise Spectrum Analysis of Network Devices

Abstract

This document presents a novel anomaly detection system based on analyzing power line communication (PLC) noise to differentiate between various network conditions. By leveraging a decision tree classifier, the system classifies measured data into four different states: idle, normal traffic (25 Mbit/s), higher-bandwidth traffic (460 Mbit/s), and DoS attack scenarios. Experimental results demonstrate that this approach is effective in distinguishing DoS attack conditions from normal operations, although some limitations still remain. A key limitation is that a DoS attack aimed at the measuring system may cause it to freeze, preventing real-time analysis by the proposed system.