scholarly journals Detection of Abnormalities in Real-Time Computer Network Traffic Empowered by Machine Learning

2021 ◽  
Vol 10 (3) ◽  
pp. 2072-2079
Keyword(s):  
Machine Learning ◽  
Anomaly Detection ◽  
Real Time ◽  
Network Traffic ◽  
Computer Network ◽  
Data Gathering ◽  
Network Systems ◽  
Data Set ◽  
Synthetic Network ◽  
Scientific Papers

This research discloses how to utilize machine learning methods for anomaly detection in real-time on a computer network. While utilizing machine learning for this task is definitely not a novel idea, little literature is about the matter of doing it in real-time. Most machine learning research in PC network anomaly detection depends on the KDD '99 data set and means to demonstrate the proficiency of the algorithms introduced. The emphasis on this data set has caused a lack of scientific papers disclosing how to assemble network data, remove features, and train algorithms for use inreal-time networks. It has been contended that utilizing the KDD '99 dataset for anomaly detection is not appropriate for real-time network systems. This research proposes how the data gathering procedure will be possible utilizing a dummy network and generating synthetic network traffic by analyzing the importance of One-class SVM. As the efficiency of k-means clustering and LTSM neural networks is lower than one-class SVM, that is why this research uses the results of existing research of LSTM and k-means clustering for the comparison with reported outcomes of a similar algorithm on the KDD '99 dataset. Precisely, without engaging KDD ’99 data set by using synthetic network traffic, this research achieved the higher accuracy as compared to the previous researches.

scholarly journals XFinder: Detecting Unknown Anomalies in Distributed Machine Learning Scenario

2021 ◽  
Vol 3 ◽  
Author(s):  
Haizhou Du ◽  
Shiwei Wang ◽  
Huan Huo
Keyword(s):  
Machine Learning ◽  
Anomaly Detection ◽  
Real Time ◽  
Network Traffic ◽  
Security And Privacy ◽  
Closed Sets ◽  
Online Mode ◽  
Average Accuracy ◽  
Learning Scenarios ◽  
Distributed Machine Learning

In recent years, the emergence of distributed machine learning has enabled deep learning models to ensure data security and privacy while training efficiently. Anomaly detection for network traffic in distributed machine learning scenarios is of great significance for network security. Although deep neural networks have made remarkable achievements in anomaly detection for network traffic, they mainly focus on closed sets, that is, assuming that all anomalies are known. However, in a real network environment, unknown abnormalities are fatal risks faced by the system because they have no labels and occur before the known anomalies. In this study, we design and implement XFinder, a dynamic unknown traffic anomaly detection framework in distributed machine learning. XFinder adopts an online mode to detect unknown anomalies in real-time. XFinder detects unknown anomalies by the unknowns detector, transfers the unknown anomalies to the prior knowledge base by the network updater, and adopts the online mode to report new anomalies in real-time. The experimental results show that the average accuracy of the unknown anomaly detection of our model is increased by 27% and the average F1-Score is improved by 20%. Compared with the offline mode, XFinder’s detection time is reduced by an average of approximately 33% on three datasets, and can better meet the network requirement.

scholarly journals Anomaly Intrusion Detection System in Real Time Environment using Ensemble Learning Model

2019 ◽  
Vol 8 (4) ◽  
pp. 4908-4917
Keyword(s):  
Intrusion Detection ◽  
Anomaly Detection ◽  
Real Time ◽  
Network Traffic ◽  
Intrusion Detection System ◽  
Detection System ◽  
False Negative ◽  
Ensemble Classification ◽  
Data Set ◽  
Rule Set

System security is of essential part now days for huge organizations. The Intrusion Detection System (IDS) are getting to be irreplaceable for successful assurance against intrusions that are continually changing in size and intricacy. With information honesty, privacy and accessibility, they must be solid, simple to oversee and with low upkeep cost. Different adjustments are being connected to IDS consistently to recognize new intrusions and handle them. This paper proposes model based on combination of ensemble classification for network traffic anomaly detection. Intrusion detection system is try to perform in real time, but they cannot improved due to the network connections. This research paper is trying to implement intrusion detection system (IDS) using ensemble method for misuse as well anomaly detection for HIDS and NIDS based also. This system used various individual classification methods and its ensemble model on KDD99 and NSL-KDD data set to check the performance of model. It also check the performance on creating real time network traffic using own attack creator and send this to the remote machine which has our proposed IDS system. This system used training rule set as a background knowledge which are generated by genetic algorithm. Ensemble approach contains three algorithms as Naive Bayes, Artificial Neural Network and J48. Ensemble classifiers apply on network packets mapping with GA rule set and generate the result. Finally our proposed model produces highest detection rate and lower false negative ratio compare to others. Also find the accuracy of each attack types.

Application of Machine Learning for Lithology-on-Bit Prediction using Drilling Data in Real-Time

2021 ◽  
Author(s):  
Temirlan Zhekenov ◽  
Artem Nechaev ◽  
Kamilla Chettykbayeva ◽  
Alexey Zinovyev ◽  
German Sardarov ◽  
...  
Keyword(s):  
Machine Learning ◽  
Data Quality ◽  
Real Time ◽  
Hybrid Modeling ◽  
Data Set ◽  
Drilling Parameters ◽  
Drilling Data ◽  
Stable Solutions ◽  
Mud Logging

SUMMARY Researchers base their analysis on basic drilling parameters obtained during mud logging and demonstrate impressive results. However, due to limitations imposed by data quality often present during drilling, those solutions often tend to lose their stability and high levels of predictivity. In this work, the concept of hybrid modeling was introduced which allows to integrate the analytical correlations with algorithms of machine learning for obtaining stable solutions consistent from one data set to another.

A Novel Network Traffic Anomaly Detection Based on Multi-Scale Fusion

2011 ◽  
Vol 48-49 ◽  
pp. 102-105
Author(s):  
Guo Zhen Cheng ◽  
Dong Nian Cheng ◽  
He Lei
Keyword(s):  
Anomaly Detection ◽  
False Alarm ◽  
False Alarm Rate ◽  
Network Traffic ◽  
Self Similarity ◽  
Data Set ◽  
Multi Scale ◽  
Traffic Anomaly ◽  
Detection Evaluation ◽  
Better Than

Detecting network traffic anomaly is very important for network security. But it has high false alarm rate, low detect rate and that can’t perform real-time detection in the backbone very well due to its nonlinearity, nonstationarity and self-similarity. Therefore we propose a novel detection method—EMD-DS, and prove that it can reduce mean error rate of anomaly detection efficiently after EMD. On the KDD CUP 1999 intrusion detection evaluation data set, this detector detects 85.1% attacks at low false alarm rate which is better than some other systems.

Network Situational Awareness

2015 ◽  
pp. 334-349 ◽  
Author(s):  
Tom Fairfax ◽  
Christopher Laing ◽  
Paul Vickers
Keyword(s):  
Real Time ◽  
Network Traffic ◽  
Affective Computing ◽  
Situational Awareness ◽  
Computer Network ◽  
Emergent Properties ◽  
Self Organized ◽  
Traffic Volumes ◽  
Self Organized Criticality ◽  
Intelligent Information

This chapter treats computer networks as a cyber warfighting domain in which the maintenance of situational awareness is impaired by increasing traffic volumes and the lack of immediate sensory perception. Sonification (the use of non-speech audio for communicating information) is proposed as a viable means of monitoring a network in real time and a research agenda employing the sonification of a network's self-organized criticality within a context-aware affective computing scenario is given. The chapter views a computer network as a cyber battlespace with a particular operations spectrum and dynamics. Increasing network traffic volumes are interfering with the ability to present real-time intelligence about a network and so suggestions are made for how the context of a network might be used to help construct intelligent information infrastructures. Such a system would use affective computing principles to sonify emergent properties (such as self-organized criticality) of network traffic and behaviour to provide effective real-time situational awareness.

A Review of Machine Learning Techniques for Anomaly Detection in Static Graphs

2020 ◽  
pp. 146-162
Author(s):  
Hesham M. Al-Ammal
Keyword(s):  
Machine Learning ◽  
Neural Networks ◽  
Anomaly Detection ◽  
Real Life ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Learning Methods ◽  
Data Set ◽  
Learning Techniques ◽  
Vector Machines

Detection of anomalies in a given data set is a vital step in several applications in cybersecurity; including intrusion detection, fraud, and social network analysis. Many of these techniques detect anomalies by examining graph-based data. Analyzing graphs makes it possible to capture relationships, communities, as well as anomalies. The advantage of using graphs is that many real-life situations can be easily modeled by a graph that captures their structure and inter-dependencies. Although anomaly detection in graphs dates back to the 1990s, recent advances in research utilized machine learning methods for anomaly detection over graphs. This chapter will concentrate on static graphs (both labeled and unlabeled), and the chapter summarizes some of these recent studies in machine learning for anomaly detection in graphs. This includes methods such as support vector machines, neural networks, generative neural networks, and deep learning methods. The chapter will reflect the success and challenges of using these methods in the context of graph-based anomaly detection.

Sign in / Sign up

Export Citation Format

Share Document