Anomaly detection in Border Gateway Protocol using supervised machine learning

Network anomaly detection system enables to monitor computer network that behaves differently from the network protocol and it is many implemented in various domains. Yet, the problem arises where different application domains have different defining anomalies in their environment. These make a difficulty to choose the best algorithms that suit and fulfill the requirements of certain domains and it is not straightforward. Additionally, the issue of centralization that cause fatal destruction of network system when powerful malicious code injects in the system. Therefore, in this paper we want to conduct experiment using supervised Machine Learning (ML) for network anomaly detection system that low communication cost and network bandwidth minimized by using UNSW-NB15 dataset to compare their performance in term of their accuracy (effective) and processing time (efficient) for a classifier to build a model. Supervised machine learning taking account the important features by labelling it from the datasets. The best machine learning algorithm for network dataset is AODE with a comparable accuracy is 97.26% and time taken approximately 7 seconds. Also, distributed algorithm solves the issue of centralization with the accuracy and processing time still a considerable compared to a centralized algorithm even though a little drop of the accuracy and a bit longer time needed.

Download Full-text

Semi-supervised Machine Learning Aided Anomaly Detection Method in Cellular Networks

10.36227/techrxiv.11634720 ◽

2020 ◽

Author(s):

Yutao Lu ◽

Juan Wang ◽

Miao Liu ◽

Kaixuan Zhang ◽

Guan Gui ◽

...

Keyword(s):

Machine Learning ◽

Anomaly Detection ◽

Cellular Networks ◽

Expert Knowledge ◽

Learning Algorithm ◽

Positive Sample ◽

Supervised Machine Learning ◽

Support Vector ◽

Soft Decision ◽

Decision Methods

The ever-increasing amount of data in cellular networks poses challenges for network operators to monitor the quality of experience (QoE). Traditional key quality indicators (KQIs)-based hard decision methods are difficult to undertake the task of QoE anomaly detection in the case of big data. To solve this problem, in this paper, we propose a KQIs-based QoE anomaly detection framework using semi-supervised machine learning algorithm, i.e., iterative positive sample aided one-class support vector machine (IPS-OCSVM). There are four steps for realizing the proposed method while the key step is combining machine learning with the network operator's expert knowledge using OCSVM. Our proposed IPS-OCSVM framework realizes QoE anomaly detection through soft decision and can easily fine-tune the anomaly detection ability on demand. Moreover, we prove that the fluctuation of KQIs thresholds based on expert knowledge has a limited impact on the result of anomaly detection. Finally, experiment results are given to confirm the proposed IPS-OCSVM framework for QoE anomaly detection in cellular networks.

Download Full-text

Semi-Supervised Machine Learning Aided Anomaly Detection Method in Cellular Networks

IEEE Transactions on Vehicular Technology ◽

10.1109/tvt.2020.2995160 ◽

2020 ◽

Vol 69 (8) ◽

pp. 8459-8467 ◽

Cited By ~ 1

Author(s):

Yutao Lu ◽

Juan Wang ◽

Miao Liu ◽

Kaixuan Zhang ◽

Guan Gui ◽

...

Keyword(s):

Machine Learning ◽

Anomaly Detection ◽

Cellular Networks ◽

Detection Method ◽

Supervised Machine Learning

Download Full-text

Gaussian Distribution-Based Machine Learning Scheme for Anomaly Detection in Healthcare Sensor Cloud

International Journal of Cloud Applications and Computing ◽

10.4018/ijcac.2021010103 ◽

2021 ◽

Vol 11 (1) ◽

pp. 52-72

Author(s):

Rajendra Kumar Dwivedi ◽

Rakesh Kumar ◽

Rajkumar Buyya

Keyword(s):

Machine Learning ◽

Information Systems ◽

Anomaly Detection ◽

Gaussian Distribution ◽

Supervised Machine Learning ◽

Sensor Data ◽

Support Vector ◽

Learning Scheme ◽

Healthcare Monitoring ◽

Sensor Cloud

Smart information systems are based on sensors that generate a huge amount of data. This data can be stored in cloud for further processing and efficient utilization. Anomalous data might be present within the sensor data due to various reasons (e.g., malicious activities by intruders, low quality sensors, and node deployment in harsh environments). Anomaly detection is crucial in some applications such as healthcare monitoring systems, forest fire information systems, and other internet of things (IoT) systems. This paper proposes a Gaussian distribution-based supervised machine learning scheme of anomaly detection (GDA) for healthcare monitoring sensor cloud, which is an integration of various body sensors of different patients and cloud. This work is implemented in Python. Use of Gaussian statistical model in the proposed scheme improves precision, throughput, and efficiency. GDA provides 98% efficiency with 3% and 4% improvements as compared to the other supervised learning-based anomaly detection schemes (e.g., support vector machine [SVM] and self-organizing map [SOM], respectively).

Download Full-text

Semi-supervised Machine Learning Aided Anomaly Detection Method in Cellular Networks

10.36227/techrxiv.11634720.v1 ◽

2020 ◽

Author(s):

Yutao Lu ◽

Juan Wang ◽

Miao Liu ◽

Kaixuan Zhang ◽

Guan Gui ◽

...

Keyword(s):

Machine Learning ◽

Anomaly Detection ◽

Cellular Networks ◽

Expert Knowledge ◽

Learning Algorithm ◽

Positive Sample ◽

Supervised Machine Learning ◽

Support Vector ◽

Soft Decision ◽

Decision Methods

The ever-increasing amount of data in cellular networks poses challenges for network operators to monitor the quality of experience (QoE). Traditional key quality indicators (KQIs)-based hard decision methods are difficult to undertake the task of QoE anomaly detection in the case of big data. To solve this problem, in this paper, we propose a KQIs-based QoE anomaly detection framework using semi-supervised machine learning algorithm, i.e., iterative positive sample aided one-class support vector machine (IPS-OCSVM). There are four steps for realizing the proposed method while the key step is combining machine learning with the network operator's expert knowledge using OCSVM. Our proposed IPS-OCSVM framework realizes QoE anomaly detection through soft decision and can easily fine-tune the anomaly detection ability on demand. Moreover, we prove that the fluctuation of KQIs thresholds based on expert knowledge has a limited impact on the result of anomaly detection. Finally, experiment results are given to confirm the proposed IPS-OCSVM framework for QoE anomaly detection in cellular networks.

Download Full-text