Network Anomaly Detection With Temporal Convolutional Network and U-Net Model

Simple item page
dc.contributor.authorMezina, Anzhelikacs
dc.contributor.authorBurget, Radimcs
dc.contributor.authorTravieso-González, Carlos M.cs
dc.coverage.issue1cs
dc.coverage.volume9cs
dc.date.accessioned2021-12-07T07:53:50Z
dc.date.available2021-12-07T07:53:50Z
dc.date.issued2021-10-21cs
dc.description.abstractAnomaly detection in network traffic is one of the key techniques to ensure security in future networks. Today, the importance of this topic is even higher, since the network traffic is growing and there is a need to have smart algorithms, which can automatically adapt to new network conditions, detect threats and recognize the type of the possible network attack. Nowadays, there are a lot of different approaches, some of them have reached relatively sufficient accuracy. However, the majority of works are being tested on old datasets, which do not reflect current network conditions and it leads to overfitted results. This is caused by high redundancy of the data and because they fail to reflect the performance of the latest methods in the real-world anomaly detection applications. In this work, we applied a couple of new methods based on convolutional neural networks: U-Net based and Temporal convolutional network based for network attack classification. We trained and evaluated methods on the old dataset KDD99 and the modern large-scale one CSE-CIC-IDS2018. According to results, Temporal convolutional network with LSTM has achieved accuracy 92% and 97% on the KDD99 and the CSE-CIC-IDS2018 respectively, the U-Net model has accuracy 93% and 94% on the KDD99 and the CSE-CIC-IDS2018 respectively. Additionally, we utilized the focal loss function in the Temporal convolutional network with Long Short-Term Memory model, which has positive effect on class imbalance in time-series data. We showed, that the Temporal convolutional network in combination with Long Short-Term Memory network and U-Net model can give higher accuracy compared to other network architectures for network traffic classification. In this work we also proved, that methods trained on the old dataset can easily overfit during training and achieve relatively good results on the testing set, but at the same time, these methods are not so successful on more complex and actual data.en
dc.formattextcs
dc.format.extent143608-143622cs
dc.format.mimetypeapplication/pdfcs
dc.identifier.citationIEEE Access. 2021, vol. 9, issue 1, p. 143608-143622.en
dc.identifier.doi10.1109/ACCESS.2021.3121998cs
dc.identifier.issn2169-3536cs
dc.identifier.other173262cs
dc.identifier.urihttp://hdl.handle.net/11012/203080
dc.language.isoencs
dc.publisherIEEEcs
dc.relation.ispartofIEEE Accesscs
dc.relation.urihttps://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9583228cs
dc.rightsCreative Commons Attribution 4.0 Internationalcs
dc.rights.accessopenAccesscs
dc.rights.sherpahttp://www.sherpa.ac.uk/romeo/issn/2169-3536/cs
dc.rights.urihttp://creativecommons.org/licenses/by/4.0/cs
dc.subjectConvolutional neural networken
dc.subjectdeep learningen
dc.subjectintrusion detection systemen
dc.subjectmulti-class classificationen
dc.subjectsecurityen
dc.subjectimbalanced dataseten
dc.titleNetwork Anomaly Detection With Temporal Convolutional Network and U-Net Modelen
dc.type.driverarticleen
dc.type.statusPeer-revieweden
dc.type.versionpublishedVersionen
sync.item.dbidVAV-173262en
sync.item.dbtypeVAVen
sync.item.insts2022.01.19 12:54:50en
sync.item.modts2022.01.19 12:15:12en
thesis.grantorVysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií. Ústav telekomunikacícs
Files
Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
Mezina2021.pdf
Size:
1.86 MB
Format:
Adobe Portable Document Format
Description:
Mezina2021.pdf
Download
Collections
Ústav telekomunikací