Evaluating the Performance and Challenges of Machine Learning Models in Network Anomaly Detection
DOI: https://doi.org/10.32628/IJSRSET5241134
Keywords: Machine Learning Models, Network Anomaly Detection, Network Traffic Data, Random Forest Classifier, Performance Evaluation
Abstract
This study examines the application of machine learning algorithms to anomaly detection in network traffic data. Using a collection of network flow records that includes attributes such as IP addresses, ports, protocols, and timestamps, the study uses correlation heatmaps, box plots, and data visualization to identify trends in the numerical characteristics. After preprocessing, which includes converting timestamps to Unix format, three machine learning models (Support Vector Machine (SVM), Gaussian Naive Bayes, and Random Forest) are used for anomaly identification. The Random Forest Classifier outperforms the SVM and Naive Bayes classifiers, with better precision and recall for anomaly diagnosis, and achieves an accuracy of 87%. The models are evaluated with confusion matrices and classification reports, which show that the Random Forest Classifier performs better than the other models at identifying abnormalities in network traffic. These results are of significant value to the field of cybersecurity: they highlight the effectiveness of machine learning models, specifically the Random Forest Classifier, in strengthening anomaly detection capabilities for securing network environments.
License
Copyright (c) 2024 International Journal of Scientific Research in Science, Engineering and Technology
This work is licensed under a Creative Commons Attribution 4.0 International License.