Network Anomaly Detection With Temporal Convolutional Network and U-Net Model
Identifikátory výsledku
Kód výsledku v IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F21%3APU142186" target="_blank" >RIV/00216305:26220/21:PU142186 - isvavai.cz</a>
Výsledek na webu
<a href="https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9583228" target="_blank" >https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9583228</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1109/ACCESS.2021.3121998" target="_blank" >10.1109/ACCESS.2021.3121998</a>
Alternativní jazyky
Jazyk výsledku
angličtina
Název v původním jazyce
Network Anomaly Detection With Temporal Convolutional Network and U-Net Model
Popis výsledku v původním jazyce
Anomaly detection in network traffic is one of the key techniques to ensure security in future networks. Today, the importance of this topic is even higher, since the network traffic is growing and there is a need to have smart algorithms, which can automatically adapt to new network conditions, detect threats and recognize the type of the possible network attack. Nowadays, there are a lot of different approaches, some of them have reached relatively sufficient accuracy. However, the majority of works are being tested on old datasets, which do not reflect current network conditions and it leads to overfitted results. This is caused by high redundancy of the data and because they fail to reflect the performance of the latest methods in the real-world anomaly detection applications. In this work, we applied a couple of new methods based on convolutional neural networks: U-Net based and Temporal convolutional network based for network attack classification. We trained and evaluated methods on the old dataset KDD99 and the modern large-scale one CSE-CIC-IDS2018. According to results, Temporal convolutional network with LSTM has achieved accuracy 92% and 97% on the KDD99 and the CSE-CIC-IDS2018 respectively, the U-Net model has accuracy 93% and 94% on the KDD99 and the CSE-CIC-IDS2018 respectively. Additionally, we utilized the focal loss function in the Temporal convolutional network with Long Short-Term Memory model, which has positive effect on class imbalance in time-series data. We showed, that the Temporal convolutional network in combination with Long Short-Term Memory network and U-Net model can give higher accuracy compared to other network architectures for network traffic classification. In this work we also proved, that methods trained on the old dataset can easily overfit during training and achieve relatively good results on the testing set, but at the same time, these methods are not so successful on more complex and actual data.
Název v anglickém jazyce
Network Anomaly Detection With Temporal Convolutional Network and U-Net Model
Popis výsledku anglicky
Anomaly detection in network traffic is one of the key techniques to ensure security in future networks. Today, the importance of this topic is even higher, since the network traffic is growing and there is a need to have smart algorithms, which can automatically adapt to new network conditions, detect threats and recognize the type of the possible network attack. Nowadays, there are a lot of different approaches, some of them have reached relatively sufficient accuracy. However, the majority of works are being tested on old datasets, which do not reflect current network conditions and it leads to overfitted results. This is caused by high redundancy of the data and because they fail to reflect the performance of the latest methods in the real-world anomaly detection applications. In this work, we applied a couple of new methods based on convolutional neural networks: U-Net based and Temporal convolutional network based for network attack classification. We trained and evaluated methods on the old dataset KDD99 and the modern large-scale one CSE-CIC-IDS2018. According to results, Temporal convolutional network with LSTM has achieved accuracy 92% and 97% on the KDD99 and the CSE-CIC-IDS2018 respectively, the U-Net model has accuracy 93% and 94% on the KDD99 and the CSE-CIC-IDS2018 respectively. Additionally, we utilized the focal loss function in the Temporal convolutional network with Long Short-Term Memory model, which has positive effect on class imbalance in time-series data. We showed, that the Temporal convolutional network in combination with Long Short-Term Memory network and U-Net model can give higher accuracy compared to other network architectures for network traffic classification. In this work we also proved, that methods trained on the old dataset can easily overfit during training and achieve relatively good results on the testing set, but at the same time, these methods are not so successful on more complex and actual data.
Klasifikace
Druh
J<sub>imp</sub> - Článek v periodiku v databázi Web of Science
CEP obor
—
OECD FORD obor
20203 - Telecommunications
Návaznosti výsledku
Projekt
—
Návaznosti
S - Specificky vyzkum na vysokych skolach
Ostatní
Rok uplatnění
2021
Kód důvěrnosti údajů
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Údaje specifické pro druh výsledku
Název periodika
IEEE Access
ISSN
2169-3536
e-ISSN
—
Svazek periodika
9
Číslo periodika v rámci svazku
1
Stát vydavatele periodika
US - Spojené státy americké
Počet stran výsledku
15
Strana od-do
143608-143622
Kód UT WoS článku
000711702900001
EID výsledku v databázi Scopus
2-s2.0-85119020415