Machine Learning in Network Anomaly Detection: A Survey
Related papers
Analysis of Various Machine Learning Approach to Detect Anomaly from Network Traffic
International journal of computer science and mobile computing, 2022
Although conventional network security measures have been effective up until now, machine learning techniques are a strong contender in the present network environment due to their flexibility. In this study, we evaluate how well the latter can identify security issues in a corporative network setting. In order to do so, we configure and contrast a number of models to determine which one best fits our demands. In addition, we spread the computational load and storage to support large quantities of data. Our model-building methods are Random Forest and Naive Bayes.
Detection of Anomaly using Machine Learning: A Comprehensive Survey
International Journal of Emerging Technology and Advanced Engineering
Anomaly detection is an important element in the domain of security. As a result, we undertook a literature review on ML algorithms that identify abnormalities. In this paper, we are presenting a review of the 101 research articles describing ML techniques for anomaly detection published between 2015 and 2022. The goal of this paper is to review research papers that have used machine learning to develop anomaly detection algorithms. The forms of anomaly detection examined in this study include system log anomaly detection, network anomaly detection, cloud-based anomaly detection, and anomaly detection in the medical profession. After assessing the selected research articles, we present more than 10 applications of anomaly detection. Also, we have shared a range of datasets used in anomaly detection research, in addition to revealing 30+ new ML models employed in anomaly detection. We have discovered 55 new datasets for anomaly detection. We've noticed that the majority of researchers ...
Network Anomaly Detection Using Machine Learning Techniques
Proceedings
While traditional network security methods have been proven useful until now, the flexibility of machine learning techniques makes them a solid candidate in the current scene of our networks. In this paper, we assess how well the latter are capable of detecting security threats in a corporative network. To that end, we configure and compare several models to find the one which fits better with our needs. Furthermore, we distribute the computational load and storage so we can handle extensive volumes of data. The algorithms that we use to create our models, Random Forest, Naive Bayes, and Deep Neural Networks (DNN), are both divergent and tested in other papers in order to make our comparison richer. For the distribution phase, we operate with Apache Structured Streaming, PySpark, and MLlib. As for the results, it is relevant to mention that our dataset has been found to be effectively modelable with just a reduced number of features. Finally, given the outcomes obtained, we find thi...
Enhancing Cybersecurity through Machine Learning: An Exploration of Anomaly Detection
International Journal of Computer Science and Mobile Computing (IJCSMC), 2024
In the contemporary digital environment, cybersecurity is one of the most crucial areas to take care of. The rising sophistication of cyber threats poses a severe risk to individuals and businesses. Below is the research work of elaboration on the application of machine learning techniques in the improved anomaly detection for cybersecurity. The study will detect and attempt to mitigate more anomalous activities indicating possible cyber threats using Machine Learning algorithms. More concretely, this study consists of a thorough literature review of existing works on cybersecurity and machine learning, delves into a variety of algorithms for anomaly detection, and evaluates their empirical performance.
Effective and efficient network anomaly detection system using machine learning algorithm
Bulletin of Electrical Engineering and Informatics, 2019
A network anomaly detection system enables monitoring of a computer network that behaves differently from the network protocol, and it is widely implemented in various domains. Yet, the problem arises where different application domains have different defining anomalies in their environment. This makes it difficult to choose the best algorithms that suit and fulfill the requirements of certain domains, and it is not straightforward. Additionally, there is the issue of centralization, which causes fatal destruction of the network system when powerful malicious code is injected into the system. Therefore, in this paper we want to conduct an experiment using supervised Machine Learning (ML) for a network anomaly detection system with low communication cost and minimized network bandwidth, using the UNSW-NB15 dataset to compare their performance in terms of their accuracy (effective) and processing time (efficient) for a classifier to build a model. Supervised machine learning takes into account the important features by labelling them from the datasets. The best machine learning algorithm for the network dataset is AODE, with a comparable accuracy of 97.26% and a time taken of approximately 7 seconds. Also, the distributed algorithm solves the issue of centralization, with the accuracy and processing time still considerable compared to a centralized algorithm, even though there is a little drop in accuracy and a bit longer time is needed.
Machine Learning for Network Intrusion Detection—A Comparative Study
Future Internet
Modern society has quickly evolved to utilize communication and data-sharing media with the advent of the internet and electronic technologies. However, these technologies have created new opportunities for attackers to gain access to confidential electronic resources. As a result, data breaches have significantly impacted our society in multiple ways. To mitigate this situation, researchers have developed multiple security countermeasure techniques known as Network Intrusion Detection Systems (NIDS). Despite these techniques, attackers have developed new strategies to gain unauthorized access to resources. In this work, we propose using machine learning (ML) to develop a NIDS system capable of detecting modern attack types with a very high detection rate. To this end, we implement and evaluate several ML algorithms and compare their effectiveness using a state-of-the-art dataset containing modern attack types. The results show that the random forest model outperforms other models, ...
Machine Learning and Threat Detection: A Review
National Seminar on National Development through Science and Technology, 2017
Today’s computer network systems are vulnerable both to abuse by insiders and to penetration by outsiders, as evidenced by the growing number of incidents reported. To close all security loopholes from today’s network systems is infeasible, and no combination of technologies can prevent legitimate users from abusing their authority in a network; thus auditing is viewed as the last line of defense. The popularity of using the Internet contains risks of network attacks. Intrusion detection is one major research problem in network security, whose aim is to identify unusual access or attacks to secure internal networks. In the literature, intrusion detection systems have been approached by various machine learning techniques. Here we want to provide an overview of current achievements and limitations in developing intrusion detection systems by machine learning.
A Survey on Network-Based Intrusion Detection Systems Using Machine Learning Algorithms
International Journal of Engineering Applied Sciences and Technology, 2022
Network security is of central significance in the current information world. Due to the rapid increase of network-enabled devices, there is a significant risk of network intrusion more than ever. Hackers and intruders can successfully attack to cause the crash of the networks and web services by the unauthorized intrusion, which may cause a significant loss to an organization in terms of data and money. So, it is high time to create an intrusion detection system that can detect all types of intrusion. Due to the rapid growth and significant results of machine learning (ML) algorithms in several areas, there has recently been much interest in applying them to network security. The network-based intrusion detection system (NIDS) has much promise to be the borderline of defence against intrusions in the current information communication technology (ICT) era, and it's a critical aspect of network security. Due to the dynamic nature of attacks, intrusion detection datasets are avail...
Machine learning approaches to network anomaly detection
2007
Networks of various kinds often experience anomalous behaviour. Examples include attacks or large data transfers in IP networks, presence of intruders in distributed video surveillance systems, and an automobile accident or an untimely congestion in a road network. Machine learning techniques enable the development of anomaly detection algorithms that are non-parametric, adaptive to changes in the characteristics of normal behaviour in the relevant network, and portable across applications. In this paper we use two different datasets, pictures of a highway in Quebec taken by a network of webcams and IP traffic statistics from the Abilene network, as examples in demonstrating the applicability of two machine learning algorithms to network anomaly detection. We investigate the use of the block-based One-Class Neighbour Machine and the recursive Kernel-based Online Anomaly Detection algorithms.
A Review of Machine Learning based Anomaly Detection Techniques
Intrusion detection has been very popular over the last two decades, where intrusion is an attempt to break into or misuse the system. It is mainly of two types based on the intrusions: the first is misuse or signature-based detection and the other is anomaly detection. In this paper, machine learning based methods, which are one of the types of anomaly detection techniques, are discussed.