Monitoring and Identification of Abnormal Network Traffic by Different Mathematical Models
Keywords:Computation mathematical model, abnormal traffic, monitoring, recognition, neural network
The presence of anomalous traffic on the network causes some dangers to network security. To address the issue of monitoring and identifying abnormal traffic on the network, this paper first selected the traffic features with the mutual information-based method and then compared different mathematical models, including k-Nearest Neighbor (KNN), Back-Propagation Neural Network (BPNN), and Elman. Then, parameters were optimized by the Grasshopper Optimization Algorithm (GOA) based on the defects of BPNN and Elman to obtain GOA-BPNN and GOA-Elman models. The performance of these mathematical models was compared on UNSW-UB15. It was found that the KNN model had the worst performance and the Elman model performed better than the BPNN model. After GOA optimization, the performance of the models was improved. The GOA-Elman model had the best performance in monitoring and recognizing abnormal traffic, with an accuracy of 97.33%, and it performed well in monitoring and recognizing different types of traffic. The research results demonstrate the reliability of the GOA-Elman model, providing a new approach for network security.
Yao H, Liu Y, and Chao F. An Abnormal Network Traffic Detection Algorithm Based on Big Data Analysis. International Journal of Computers, Communications & Control (IJCCC), 11(4):567, 2016.
Ma Q, Sun C, Cui B, Cui B, and Jin X. A Novel Model for Anomaly Detection in Network Traffic Based on Kernel Support Vector Machine. Computers & Security, 104(2):102215, 2021.
Singh R, Kumar H, and Singla R K. An intrusion detection system using network traffic profiling and online sequential extreme learning machine. Expert Systems with Applications, 42(22):8609–8624, 2015.
Liu C, Zhang Y, Xie C, Wang D, and Li Z. Network traffic detection based on part matching and section evolution of immune elements. Journal of Physics: Conference Series, 1774(1):012071 (6 pp), 2021.
Roselin A G, Nanda P, Nepal S, and He X. Intelligent Anomaly Detection for Large Network Traffic With Optimized Deep Clustering (ODC) Algorithm. IEEE Access, 9:47243–47251, 2021.
Nie L, Wu Y, Wang H, and Li Y. Anomaly Detection Based on Spatio-Temporal and Sparse Features of Network Traffic in VANETs. IEEE Access, 7:177954–177964, 2019.
Li M, Han D, Yin X, Liu H, and Li D. Design and Implementation of an Anomaly Network Traffic Detection Model Integrating Temporal and Spatial Features. Security and Communication Networks, (1):1–15, 2021.
Ma W, Zhang Y, Guo J, and Yu Q. Few-Shot Abnormal Network Traffic Detection Based on Multi-scale Deep-CapsNet and Adversarial Reconstruction. International Journal of Computational Intelligence Systems, 14(1):1–25, 2021.
Zhang Y, Xu C, Guo D, Song M, Teng Y, and Wang X. PCCN: Parallel Cross Convolutional Neural Network for Abnormal Network Traffic Flows Detection in Multi-class imbalanced Network Traffic Flows. IEEE Access, 7:119904–119916, 2019.
Pan F C, Han D Z, and Hu Y. Design and application of real-time network abnormal traffic detection system based on Spark Streaming. International Journal of Embedded Systems, 11(5):562–, 2019.
Lei G, Ji L, Ji R, Cao Y, Wei Y, and Wang H. Can Wavelet Transform Detect LDDoS Abnormal Traffic in Multipath TCP Transmission System?. Security and Communication Networks, 2021(2):1–8, 2021.
Li X, Yi P, Jiang Y, Yu J. A router abnormal traffic detection strategy based on active defense. Journal of Physics Conference Series, 1738: 1–7, 2021.
Ding P, Li J, Wen M, Wang L, and Li H. Efficient BiSRU Combined With Feature Dimensionality Reduction for Abnormal Traffic Detection. IEEE Access, 8:164414–164427, 2020.
Liu H, Liu Z, Liu Y, and Gao X. Abnormal Network Traffic Detection based on Leaf Node Density Ratio. ICCNS 2019: 2019 the 9th International Conference on Communication and Network Security, 69–74, 2019.
Alkasassbeh M. A Novel Hybrid Method for Network Anomaly Detection Based on Traffic Prediction and Change Point Detection. Journal of Computer Science, 14(2):153–162, 2018.
Nakashima M, Sim A, Kim Y, Kim J, and Kim J. Automated Feature Selection for Anomaly Detection in Network Traffic Data. ACM Transactions on Management Information Systems, 12(3):1–28, 2021.
Bhuyan M H, Bhattacharyya D K, and Kalita J K. A Multi-step Outlier-based Anomaly Detection Approach to Network-wide Traffic. Information Sciences, 2016:S0020025516300779, 2016.
Liao T, Lei Z, Zhu T, Zeng S, Li Y, and Yuan C. Deep Metric Learning for K Nearest Neighbor Classication. IEEE Transactions on Knowledge and Data Engineering, PP(99):1–1, 2021.
Joachim W, Rolf B, and Bjrn G. Robust and efficient single-cell Hi-C clustering with approximate k-nearest neighbor graphs. Bioinformatics, 2021(22):22, 2021.
Xu Y. The Abnormal Network Traffic Recognition Method Based on Optimized BP ANN Model. International Journal of Future Generation Communication and Networking, 8(3):61–70, 2015.
Xu Z, Gui W, Heidari A A, Liang G, Chen H, Wu C, Turabieh H, and Mafarja M. Spiral Motion Mode Embedded Grasshopper Optimization Algorithm: Design and Analysis. IEEE Access, 9:71104–71132, 2021.
Raghu S, Sriraam N, and Kumar G P. Classification of epileptic seizures using wavelet packet log energy and norm entropies with recurrent Elman neural network classifier. Cognitive Neurodynamics, 11(1):1–16, 2017.
Moustafa N, and Jill S. UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). 2015 Military Communications and Information Systems Conference (MilCIS), 2015:1–6, 2015.
Copyright (c) 2022 Journal of Cyber Security and Mobility
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.