Journal articles on the topic 'Networks anomalies detection'

Consult the top 50 journal articles for your research on the topic 'Networks anomalies detection.'

1

Mažeika, Dalius, and Saulius Jasonis. "NETWORK TRAFFIC ANOMALIES DETECTING USING MAXIMUM ENTROPY METHOD / KOMPIUTERIŲ TINKLO SRAUTO ANOMALIJŲ ATPAŽINIMAS MAKSIMALIOS ENTROPIJOS METODU." Mokslas – Lietuvos ateitis 6, no. 2 (April 24, 2014): 162–67. http://dx.doi.org/10.3846/mla.2014.22.

Abstract:
The problem of traffic anomalies in computer networks is analyzed. NetFlow packets are used as network traffic data and the maximum entropy method is used for anomaly detection. The method detects network anomalies by comparing the current network traffic against a baseline distribution. The method is adapted to NetFlow data and the performance of the method is improved. A prototype of an anomaly detection system was developed and an experimental investigation carried out. The results of the investigation confirmed that the method is sensitive to deviations of the network traffic and can be successfully used for network traffic anomaly detection. The article examines the problem of recognizing anomalies in computer network traffic. NetFlow technology is chosen to monitor computer network traffic, and anomalies are detected using the maximum entropy method. The method is adapted to process the data provided by NetFlow. A software tool was created and an experimental study of the method's suitability was carried out by analyzing traffic data from a Cisco router. The method was improved to speed up the calculations without losing accuracy. It was found that the method is sensitive to various types of network traffic deviations and can be successfully applied to detect network traffic anomalies.
2

Račys, Donatas, and Dalius Mažeika. "NETWORK TRAFFIC ANOMALIES IDENTIFICATION BASED ON CLASSIFICATION METHODS / TINKLO SRAUTO ANOMALIJŲ IDENTIFIKAVIMAS, TAIKANT KLASIFIKAVIMO METODUS." Mokslas – Lietuvos ateitis 7, no. 3 (July 13, 2015): 340–44. http://dx.doi.org/10.3846/mla.2015.796.

Abstract:
The problem of network traffic anomaly detection in computer networks is analyzed. An overview of anomaly detection methods is given, then the advantages and disadvantages of the different methods are analyzed. A model for traffic anomaly detection was developed based on IBM SPSS Modeler and is used to analyze SNMP data of the router. Investigation of the traffic anomalies was done using three classification methods and different sets of learning data. Based on the results of the investigation, it was determined that the C5.1 decision tree method has the largest accuracy and performance and can be successfully used for identification of network traffic anomalies. The article examines the problem of recognizing anomalies in computer network traffic. Methods for detecting anomalies in computer networks are reviewed and their advantages and disadvantages are discussed. Using the IBM SPSS Modeler software package, a model for recognizing anomalies in the traffic of the network under study was built, adapted to process router data based on the SNMP protocol. Calculations to identify network anomalies were performed using three classification methods and different training data sets. Comparing the results obtained, it was found that the C5.1 decision tree algorithm is the most accurate and the fastest, and therefore the most suitable for recognizing network traffic anomalies.
3

Rejito, Juli, Deris Stiawan, Ahmed Alshaflut, and Rahmat Budiarto. "Machine learning-based anomaly detection for smart home networks under adversarial attack." Computer Science and Information Technologies 5, no. 2 (July 1, 2024): 122–29. http://dx.doi.org/10.11591/csit.v5i2.p122-129.

Abstract:
As smart home networks become more widespread and complex, they are capable of providing users with a wide range of applications and services. At the same time, the networks are also vulnerable to attack from malicious adversaries who can take advantage of the weaknesses in the network's devices and protocols. Detection of anomalies is an effective way to identify and mitigate these attacks; however, it requires a high degree of accuracy and reliability. This paper proposes an anomaly detection method based on machine learning (ML) that can provide a robust and reliable solution for the detection of anomalies in smart home networks under adversarial attack. The proposed method uses network traffic data of the UNSW-NB15 and IoT-23 datasets to extract relevant features and trains a supervised classifier to differentiate between normal and abnormal behaviors. To assess the performance and reliability of the proposed method, four types of adversarial attack methods: evasion, poisoning, exploration, and exploitation are implemented. The results of extensive experiments demonstrate that the proposed method is highly accurate and reliable in detecting anomalies, as well as being resilient to a variety of types of attacks with average accuracy of 97.5% and recall of 96%.
4

Rejito, Juli, Deris Stiawan, Ahmed Alshaflut, and Rahmat Budiarto. "Machine learning-based anomaly detection for smart home networks under adversarial attack." Computer Science and Information Technologies 5, no. 2 (July 1, 2024): 122–29. http://dx.doi.org/10.11591/csit.v5i2.pp122-129.

Abstract:
As smart home networks become more widespread and complex, they are capable of providing users with a wide range of applications and services. At the same time, the networks are also vulnerable to attack from malicious adversaries who can take advantage of the weaknesses in the network's devices and protocols. Detection of anomalies is an effective way to identify and mitigate these attacks; however, it requires a high degree of accuracy and reliability. This paper proposes an anomaly detection method based on machine learning (ML) that can provide a robust and reliable solution for the detection of anomalies in smart home networks under adversarial attack. The proposed method uses network traffic data of the UNSW-NB15 and IoT-23 datasets to extract relevant features and trains a supervised classifier to differentiate between normal and abnormal behaviors. To assess the performance and reliability of the proposed method, four types of adversarial attack methods: evasion, poisoning, exploration, and exploitation are implemented. The results of extensive experiments demonstrate that the proposed method is highly accurate and reliable in detecting anomalies, as well as being resilient to a variety of types of attacks with average accuracy of 97.5% and recall of 96%.
5

Liao, Xiao Ju, Yi Wang, and Hai Lu. "Rule Anomalies Detection in Firewalls." Key Engineering Materials 474-476 (April 2011): 822–27. http://dx.doi.org/10.4028/www.scientific.net/kem.474-476.822.

Abstract:
The firewall is the most prevalent and important technique to enforce security inside networks. However, effective and free anomalies rules management in large and fast growing networks becomes increasingly challenging. In this paper, we use a directed tree-based method to detect rule anomalies in firewalls; in addition, this method can track the source of the anomalies. We believe the posed information will simplify the rules management and minimize the networking vulnerability due to firewall rule misconfigurations.
6

Gutiérrez-Gómez, Leonardo, Alexandre Bovet, and Jean-Charles Delvenne. "Multi-Scale Anomaly Detection on Attributed Networks." Proceedings of the AAAI Conference on Artificial Intelligence 34, no. 01 (April 3, 2020): 678–85. http://dx.doi.org/10.1609/aaai.v34i01.5409.

Abstract:
Many social and economic systems can be represented as attributed networks encoding the relations between entities who are themselves described by different node attributes. Finding anomalies in these systems is crucial for detecting abuses such as credit card fraud, web spam or network intrusions. Intuitively, anomalous nodes are defined as nodes whose attributes differ starkly from the attributes of a certain set of nodes of reference, called the context of the anomaly. While some methods have proposed to spot anomalies locally, globally or within a community context, the problem remains challenging due to the multi-scale composition of real networks and the heterogeneity of node metadata. Here, we propose a principled way to uncover outlier nodes simultaneously with the context with respect to which they are anomalous, at all relevant scales of the network. We characterize anomalous nodes in terms of the concentration retained for each node after smoothing specific signals localized on the vertices of the graph. Besides, we introduce a graph signal processing formulation of the Markov stability framework used in community detection, in order to find the context of anomalies. The performance of our method is assessed on synthetic and real-world attributed networks and shows superior results concerning state of the art algorithms. Finally, we show the scalability of our approach in large networks employing Chebychev polynomial approximations.
7

Rana, Samir. "Anomaly Detection in Network Traffic using Machine Learning and Deep Learning Techniques." Turkish Journal of Computer and Mathematics Education (TURCOMAT) 10, no. 2 (September 10, 2019): 1063–67. http://dx.doi.org/10.17762/turcomat.v10i2.13626.

Abstract:
Due to the rise of sophisticated cyberattacks, network security has become an increasingly important field. One of the most common threats to the security of networks is network anomalies, which can cause system malfunctions and prevent them from working properly. Detecting such anomalies is very important to ensure the continued operation of the network. Deep learning and machine learning algorithms have demonstrated their ability to detect network anomalies, but their effectiveness is still not widely known. This paper presents an evaluation of the performance of three algorithms against the KDD-NSL dataset. This study aims to provide a comprehensive analysis of the various techniques used in deep learning and machine learning to detect network anomalies. It will also help improve the security of networks. The paper presents an evaluation of the performance of three algorithms against the KDD-NSL dataset. The three algorithms are the Support Vector Machine, the Random Forest, and the Artificial Neural Network. They will be compared with their accuracy, recall, and F1-score. The study also explores the impact of the algorithm's feature selection on its performance. The findings of the investigation will be used to inform the development of new techniques that can be utilized to enhance the security of networks. The KDD NSL dataset provides an ideal opportunity to analyze the performance of various algorithms for detecting network anomalies.
8

Jiang, Ding De, Cheng Yao, Zheng Zheng Xu, Peng Zhang, Zhen Yuan, and Wen Da Qin. "An Continuous Wavelet Transform-Based Detection Approach to Traffic Anomalies." Applied Mechanics and Materials 130-134 (October 2011): 2098–102. http://dx.doi.org/10.4028/www.scientific.net/amm.130-134.2098.

Abstract:
Anomalous traffic often has a significant impact on network activities and leads to severe damage to our networks because it is usually involved with network faults and network attacks. How to effectively detect network traffic anomalies is a challenge for network operators and researchers. This paper proposes a novel method for detecting traffic anomalies in a network, based on continuous wavelet transform. Firstly, continuous wavelet transforms are performed for network traffic in several scales. We then use multi-scale analysis theory to extract traffic characteristics. These characteristics in different scales are further analyzed and an appropriate detection threshold can be obtained. Consequently, we can make the exact anomaly detection. Simulation results show that our approach is effective and feasible.
9

A, Nandini. "Anomaly Detection Using CNN with I3D Feature Extraction." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 03 (March 18, 2024): 1–5. http://dx.doi.org/10.55041/ijsrem29371.

Abstract:
Anomaly detection is a critical task in various fields such as surveillance, healthcare, and industrial monitoring, aiming to identify patterns that deviate significantly from normal behavior. Video anomaly detection is inherently difficult due to visual complexity and variability. This work proposes a unique anomaly detection technique leveraging Convolutional Neural Networks (CNN) with Inflated 3D Convolutional Networks (I3D) for feature extraction. This involves training the CNN on a large dataset to learn normal behavior, enabling it to identify anomalies by recognizing deviations from learned patterns. Furthermore, our approach exhibits promising results in detecting various types of anomalies, including sudden changes, abnormal trajectories, and rare events. Upon detection of such activity, a mail (notification) can be raised to the concerned people, who can take immediate action. This research contributes a significant advancement in the field of anomaly detection, and holds potential for applications in surveillance, security, and industrial monitoring systems. Keywords: Anomaly detection, I3D (Inflated 3D) feature extraction, Convolutional neural network, Spatio-Temporal Features, Normal and abnormal event detection.
10

Badr, Malek, Shaha Al-Otaibi, Nazik Alturki, and Tanvir Abir. "Deep Learning-Based Networks for Detecting Anomalies in Chest X-Rays." BioMed Research International 2022 (July 23, 2022): 1–10. http://dx.doi.org/10.1155/2022/7833516.

Abstract:
X-ray images aid medical professionals in the diagnosis and detection of pathologies. They are critical, for example, in the diagnosis of pneumonia, the detection of masses, and, more recently, the detection of COVID-19-related conditions. The chest X-ray is one of the first imaging tests performed when pathology is suspected because it is one of the most accessible radiological examinations. Deep learning-based neural networks, particularly convolutional neural networks, have exploded in popularity in recent years and have become indispensable tools for image classification. Transfer learning approaches, in particular, have enabled the use of previously trained networks’ knowledge, eliminating the need for large data sets and lowering the high computational costs associated with this type of network. This research focuses on using deep learning-based neural networks to detect anomalies in chest X-rays. Different convolutional network-based approaches are investigated using the ChestX-ray14 database, which contains over 100,000 X-ray images with labels relating to 14 different pathologies, and different classification objectives are evaluated. Starting with the pretrained networks VGG19, ResNet50, and Inceptionv3, networks based on transfer learning are implemented, with different schemes for the classification stage and data augmentation. Similarly, an ad hoc architecture is proposed and evaluated without transfer learning for the classification objective with more examples. The results show that transfer learning produces acceptable results in most of the tested cases, indicating that it is a viable first step for using deep networks when there are not enough labeled images, which is a common problem when working with medical images. The ad hoc network, on the other hand, demonstrated good generalization with data augmentation and an acceptable accuracy value. 
The findings suggest that using convolutional neural networks with and without transfer learning to design classifiers for detecting pathologies in chest X-rays is a good idea.
11

Sozol, Md Shariar, Golam Mostafa Saki, and Md Mostafizur Rahman. "Anomaly Detection in Cybersecurity with Graph-Based Approaches." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 008 (August 13, 2024): 1–5. http://dx.doi.org/10.55041/ijsrem37061.

Abstract:
The field of cybersecurity is changing dramatically in this dynamic age of digital revolution. This work on Anomaly Detection in Cybersecurity using Graph-Based Approaches represents a ground-breaking project that uses the capabilities of Graph Neural Networks (GNNs), Graph-Based Behavioural Anomaly Detection (GBBAD), Behavioural Identification Graph (BIG) and Graph-Based Botnet Detection (GBBD) to revolutionize the way we defend our digital borders. The discovery signifies a noteworthy progress in uncovering abnormalities. The precision and flexibility of this system have been emphasized by the ability to identify minute anomalies within intricate network interactions. Graph-based techniques carry out anomaly detection on graphs by locating nodes or edges diverging from the normal behaviour of a graph. There are several cyber security threats, including fraud, malware incursions and network attacks, that can be detected using graph-based anomaly detection methods. However, there are still some areas that need more attention. For instance, one possibility is to utilize the graph-based algorithms for pre-filtering alerts from firewalls and other cybersecurity systems. Such development would significantly reduce the workload for security analysts as well as improve overall security posture. In this research work an overview of current methods of detecting anomalies on cyber security using graphs has been presented. Key Words: Graph-Based Anomaly Detection (GBAD), Graph Neural Networks (GNNs), Graph-Based Behavioural Anomaly Detection (GBBAD), Graph-Based Botnet Detection (GBBD), Types of Anomalies, Availabilities of Data Levels.
12

Dehbozorgi, Leila, Reza Akbari-Hasanjani, and Reza Sabbaghi-Nadooshan. "Chaotic seismic signal modeling based on noise and earthquake anomaly detection." Facta universitatis - series: Electronics and Energetics 35, no. 4 (2022): 603–17. http://dx.doi.org/10.2298/fuee2204603d.

Abstract:
Since ancient times, people have tried to predict earthquakes using simple perceptions such as animal behavior. The prediction of the time and strength of an earthquake is of primary concern. In this study chaotic signal modeling is used based on noise and detecting anomalies before an earthquake using artificial neural networks (ANNs). Artificial neural networks are efficient tools for solving complex problems such as prediction and identification. In this study, the effective features of the chaotic signal model are obtained considering noise and detection of anomalies five minutes before an earthquake occurrence. Neuro-fuzzy classifier and MLP neural network approaches showed acceptable accuracy of 84.6491% and 82.8947%, respectively. Results demonstrate that the proposed method is an effective seismic signal model based on noise and anomaly detection before an earthquake.
13

Kotenko, Igor, Igor Saenko, Oleg Lauta, and Alexander Kriebel. "Anomaly and Cyber Attack Detection Technique Based on the Integration of Fractal Analysis and Machine Learning Methods." Informatics and Automation 21, no. 6 (November 24, 2022): 1328–58. http://dx.doi.org/10.15622/ia.21.6.9.

Abstract:
In modern data transmission networks, in order to constantly monitor network traffic and detect abnormal activity in it, as well as identify and classify cyber attacks, it is necessary to take into account a large number of factors and parameters, including possible network routes, data delay times, packet losses and new traffic properties that differ from normal. All this is an incentive to search for new methods and techniques for detecting cyber attacks and protecting data networks from them. The article discusses a technique for detecting anomalies and cyberattacks, designed for use in modern data networks, which is based on the integration of fractal analysis and machine learning methods. The technique is focused on real-time or near-real-time execution and includes several steps: (1) detecting anomalies in network traffic, (2) identifying cyber attacks in anomalies, and (3) classifying cyber attacks. The first stage is implemented using fractal analysis methods (evaluating the self-similarity of network traffic), the second and third stages are implemented using machine learning methods that use cells of recurrent neural networks with a long short-term memory. The issues of software implementation of the proposed technique are considered, including the formation of a data set containing network packets circulating in the data transmission network. The results of an experimental evaluation of the proposed technique, obtained using the generated data set, are presented. The results of the experiments showed a rather high efficiency of the proposed technique and the solutions developed for it, which allow early detection of both known and unknown cyber attacks.
14

PEROV, ROMAN A., OLEG S. LAUTA, ALEXANDER M. KRIBEL, and YURI V. FEDULOV. "A METHOD FOR DETECTING ANOMALIES IN NETWORK TRAFFIC." H&ES Research 14, no. 3 (2022): 25–31. http://dx.doi.org/10.36724/2409-5419-2022-14-3-25-31.

Abstract:
Introduction. Computer networks (CN) are highly developed systems with a multi-level hierarchical structure. The use of information and communication technologies in the CN to collect information allows an attacker to influence networks through cyber-attacks. This is facilitated by the massive use of outdated operating systems, ineffective protection mechanisms and the presence of multiple vulnerabilities in unsecured network protocols. Such vulnerabilities help a potential attacker to change the settings of network devices, listen and redirect traffic, block network interaction and gain unauthorized access to the internal components of the CN. The impact of cyber-attacks leads to the appearance of abnormal traffic activity in the CN. For its constant monitoring and detection in the CN, it is necessary to take into account the presence of a large number of network routes, on which sharp fluctuations in data transmission delays and large packet losses periodically occur, and new properties of network traffic appear, which requires ensuring high quality of application service. All this served as an incentive to search for new methods of detecting and predicting cyber-attacks; fractal analysis can also be attributed to them. The aim of the work is to develop a conceptual method for detecting anomalies caused by cyber-attacks in network traffic through the use of fractal analysis. Methods used. The main provisions of the fractal theory and the use of self-similarity assessment methods proposed by this theory, such as the extended Dickey-Fuller test, R/S analysis and the DFA method, are applied. When testing fractal methods that allow conducting studies of long-term dependencies in network traffic. The scientific novelty lies in the fact that the proposed method correctly identifies anomalies caused by the impact of cyber-attacks, and also allows you to predict and detect both known and unknown computer attacks at an early stage of their manifestation.
Practical significance. The presented methodology can be used as an early detection system for cyber-attacks, based on the detection of anomalies in network traffic and the adoption of effective measures to protect the network.
15

Barrionuevo, Mercedes, Mariela Lopresti, Natalia Miranda, and Fabiana Piccoli. "Secure Computer Network: Strategies and Challengers in Big Data Era." Journal of Computer Science and Technology 18, no. 03 (December 12, 2018): e28. http://dx.doi.org/10.24215/16666038.18.e28.

Abstract:
As computer networks have transformed into essential tools, their security has become a crucial problem for computer systems. Detecting unusual values from large volumes of information produced by network traffic has acquired huge interest in the network security area. Anomaly detection is a starting point to prevent attacks, therefore it is important for all computer systems in a network to have a system for detecting anomalous events in a time near their occurrence. Detecting these events can lead network administrators to identify system failures, take preventive actions and avoid massive damage. This work presents, first, how to identify network traffic anomalies through applying parallel computing techniques and Graphical Processing Units in two algorithms, one of them a supervised classification algorithm and the other based on traffic image processing. Finally, it is proposed as a challenge to resolve anomaly detection using an unsupervised algorithm such as Deep Learning.
16

Yallamanda Rajesh Babu, Et al. "Subgraph Anomaly Detection in Social Networks using Clustering-Based Deep Autoencoders." International Journal on Recent and Innovation Trends in Computing and Communication 11, no. 9 (November 5, 2023): 1646–55. http://dx.doi.org/10.17762/ijritcc.v11i9.9150.

Abstract:
Social networks are becoming more prevalent all across the globe. With all of its advantages, criminality and fraudulent conduct in this medium are on the rise. As a result, there is an urgent need to detect abnormalities in these networks before they do substantial harm. Traditional Non-Deep Learning (NDL) approaches fail to perform effectively when the size and scope of real-world social networks increase. As a result, DL techniques for anomaly detection in social networks are required. Several studies have been conducted using DL on node and edge anomaly detection. However, in the current scenario, subgraph anomaly detection utilizing Deep Learning (DL) is still in its nascent stages. This paper proposes a method called Clustering-based Deep Autoencoders (CDA) to detect subgraph anomalies in static attributed social networks. It converts the input graph into node embeddings using an encoder, clusters these nodes into communities or subgraphs, and then finds anomalies among these subgraph embeddings. The model is tested on seven open-access social network datasets, and the findings indicate that the proposed model detects the most anomalies. In the future, it is also recommended that the present experiment be aimed at dynamic social networks.
17

Rizwan, Ramsha, Farrukh Aslam Khan, Haider Abbas, and Sajjad Hussain Chauhdary. "Anomaly Detection in Wireless Sensor Networks Using Immune-Based Bioinspired Mechanism." International Journal of Distributed Sensor Networks 2015 (2015): 1–10. http://dx.doi.org/10.1155/2015/684952.

Abstract:
During the past few years, we have seen a tremendous increase in various kinds of anomalies in Wireless Sensor Network (WSN) communication. Recently, researchers have shown a lot of interest in applying biologically inspired systems for solving network intrusion detection problems. Several solutions have been proposed using Artificial Immune System (AIS), Ant Colony Optimization (ACO), Artificial Bee Colony (ABC) algorithm, Genetic Algorithm (GA), Particle Swarm Optimization (PSO) and so forth. In this paper, we propose a bioinspired solution using Negative Selection Algorithm (NSA) of the AIS for anomalies detection in WSNs. For this purpose, we implement the enhanced NSA and make a detector set that holds anomalous packets only. Then the random packets are tested and matched with the detector set and anomalies are identified. Anomalous data packets are used for further processing to identify specific anomalies. In this way, the number of wormholes, packets delayed, and packets dropped are calculated and identified. Simulations are performed on a large dataset and the results show high accuracy of the proposed algorithm in detecting anomalies. The proposed NSA is also compared with Clonal Selection Algorithm (CSA) for the same dataset. The results show significant improvement of the proposed NSA over CSA in most of the cases.
18

Burgueño, Jesús, Isabel de-la-Bandera, Jessica Mendoza, David Palacios, Cesar Morillas, and Raquel Barco. "Online Anomaly Detection System for Mobile Networks." Sensors 20, no. 24 (December 17, 2020): 7232. http://dx.doi.org/10.3390/s20247232.

Abstract:
The arrival of the fifth generation (5G) standard has further accelerated the need for operators to improve network capacity. With this purpose, mobile network topologies with smaller cells are currently being deployed to increase frequency reuse. In this way, the number of nodes that collect performance data is rising further, so the number of metrics to be managed and analyzed is greatly increased. Therefore, it is fundamental to have tools that automatically inform the network operator of the relevant information within the vast amount of metrics collected. The continuous monitoring of the performance indicators and the automatic detection of anomalies is especially important for network operators to prevent network degradation and user complaints. Therefore, this paper proposes a methodology to detect and track anomalies in mobile network performance indicators online, i.e., in real time. The feasibility of this system was evaluated with several performance metrics and a real LTE Advanced dataset. In addition, it was also compared with the performances of other state-of-the-art anomaly detection systems.
19

Ma, Shu Hua, Jin Kuan Wang, Zhi Gang Liu, and Hou Yan Jiang. "Density-Based Distributed Elliptical Anomaly Detection in Wireless Sensor Networks." Applied Mechanics and Materials 249-250 (December 2012): 226–30. http://dx.doi.org/10.4028/www.scientific.net/amm.249-250.226.

Abstract:
Data measured and collected by WSNs is often unreliable and a large amount of anomalous data exists. Detecting these anomalies in energy-constrained situations is an important challenge in managing these types of networks. To detect anomalies induced by the decrease of battery power, we use the HyCARCE algorithm, but it has the problem of low detection rate and high false positive rate when the input space consists of a mixture of dense and sparse regions which make the anomalies form clusters. The paper presents a density-based algorithm to separate the normal cluster from all clusters. The performance of this algorithm is tested on a subset of the data gathered from a real sensor network deployed at the Intel Berkeley Research Laboratory in the USA, and this density-based method has a better detection performance than the HyCARCE algorithm.
20

Legashev, Leonid, Irina Bolodurina, Lubov Zabrodina, Yuri Ushakov, Alexander Shukhman, Denis Parfenov, Yong Zhou, and Yan Xu. "Message Authentication and Network Anomalies Detection in Vehicular Ad Hoc Networks." Security and Communication Networks 2022 (February 24, 2022): 1–18. http://dx.doi.org/10.1155/2022/9440886.

Abstract:
Intelligent transport systems are the future in matters of safe roads and comfortable driving. Integration of vehicles into a unified intelligent network leads to all kinds of security issues and cyber threats common to conventional networks. Rapid development of mobile ad hoc networks and machine learning methods allows us to ensure security of intelligent transport systems. In this paper, we design an authentication scheme that can be used to ensure message integrity and preserve conditional privacy for the vehicle user. The proposed authentication scheme is designed with lightweight cryptography methods, so that it only brings little computational and communication overhead. We also conduct experiments on vehicular ad hoc network segment traffic generation in OMNeT++ tool and apply up-to-date machine learning methods to detect malicious behavior in a given simulated environment. The results of the study show high accuracy in distributed denial-of-service attack detection.
21

Millán-Roures, Laura, Irene Epifanio, and Vicente Martínez. "Detection of Anomalies in Water Networks by Functional Data Analysis." Mathematical Problems in Engineering 2018 (June 21, 2018): 1–13. http://dx.doi.org/10.1155/2018/5129735.

Abstract:
A functional data analysis (FDA) based methodology for detecting anomalous flows in urban water networks is introduced. Primary hydraulic variables are recorded in real-time by telecontrol systems, so they are functional data (FD). In the first stage, the data are validated (false data are detected) and reconstructed, since there could be not only false data, but also missing and noisy data. FDA tools are used such as tolerance bands for FD and smoothing for dense and sparse FD. In the second stage, functional outlier detection tools are used in two phases. In Phase I, the data are cleared of anomalies to ensure that data are representative of the in-control system. The objective of Phase II is system monitoring. A new functional outlier detection method is also proposed based on archetypal analysis. The methodology is applied and illustrated with real data. A simulated study is also carried out to assess the performance of the outlier detection techniques, including our proposal. The results are very promising.
22

Battini Sujatha, Et al. "An Efficient Fuzzy Based Multi Level Clustering Model Using Artificial Bee Colony For Intrusion Detection." International Journal on Recent and Innovation Trends in Computing and Communication 11, no. 11 (November 30, 2023): 264–73. http://dx.doi.org/10.17762/ijritcc.v11i11.9390.

Abstract:
Network security is becoming increasingly important as computer technology advances. One of the most important components in maintaining a secure network is an Intrusion Detection System (IDS). An IDS is a collection of tools used to detect and report network anomalies. Threats to computer networks are increasing at an alarming rate. As a result, it is critical to create and maintain a safe computing environment. For network security, researchers employ a range of technologies, including anomaly-based intrusion detection systems (AIDS). These anomaly-based detections face a major challenge in the classification of data. Optimization algorithms that mimic the foraging behavior of bees in nature, such as the artificial bee colony algorithm, are highly successful tools. A computer network's intrusion detection system (IDS) is an essential tool for keeping tabs on the activities taking place in the network. Artificial Bee Colony (ABC) algorithm is used in this research for effective intrusion detection. More and more intrusion detection systems are needed to keep up with the increasing number of attacks and the increase in Internet bandwidth. Detecting developing threats with high accuracy at line rates is the prerequisite for a good intrusion detection system. As traffic grows, current systems will be overwhelmed by the sheer volume of false positives and negatives they generate. In order to detect intrusions based on anomalies, this research employs an Efficient Fuzzy based Multi Level Clustering Model using Artificial Bee Colony (EFMLC-ABC). A semi-supervised intrusion detection method based on an artificial bee colony algorithm is proposed in this paper to optimize cluster centers and identify the best clustering options. In order to assess the effectiveness of the proposed method, various subsets of the KDD Cup 99 database were subjected to experimental testing. Analyses have shown that the proposed algorithm is suitable and efficient for intrusion detection systems.
23

Alfardus, Asma, and Danda B. Rawat. "Machine Learning-Based Anomaly Detection for Securing In-Vehicle Networks." Electronics 13, no. 10 (May 16, 2024): 1962. http://dx.doi.org/10.3390/electronics13101962.

Abstract:
In-vehicle networks (IVNs) are networks that allow communication between different electronic components in a vehicle, such as infotainment systems, sensors, and control units. As these networks become more complex and interconnected, they become more vulnerable to cyber-attacks that can compromise safety and privacy. Anomaly detection is an important tool for detecting potential threats and preventing cyber-attacks in IVNs. The proposed machine learning-based anomaly detection technique uses deep learning and feature engineering to identify anomalous behavior in real-time. Feature engineering involves selecting and extracting relevant features from the data that are useful for detecting anomalies. Deep learning involves using neural networks to learn complex patterns and relationships in the data. Our experiments show that the proposed technique has achieved high accuracy in detecting anomalies and outperforms existing state-of-the-art methods. This technique can be used to enhance the security of IVNs and prevent cyber-attacks that can have serious consequences for drivers and passengers.
24

Žarković, Mileta, and Goran Dobrić. "Artificial Intelligence for Energy Theft Detection in Distribution Networks." Energies 17, no. 7 (March 26, 2024): 1580. http://dx.doi.org/10.3390/en17071580.

Abstract:
The digitization of distribution power systems has revolutionized the way data are collected and analyzed. In this paper, the critical task of harnessing this information to identify irregularities and anomalies in electricity consumption is tackled. The focus is on detecting non-technical losses (NTLs) and energy theft within distribution networks. A comprehensive overview of the methodologies employed to uncover NTLs and energy theft is presented, leveraging measurements of electricity consumption. The most common scenarios and prevalent cases of anomalies and theft among consumers are identified. Additionally, statistical indicators tailored to specific anomalies are proposed. In this research paper, the practical implementation of numerous artificial intelligence (AI) algorithms, including the artificial neural network (ANN), ANFIS, autoencoder neural network, and K-mean clustering, is highlighted. These algorithms play a central role in our research, and our primary objective is to showcase their effectiveness in identifying NTLs. Real-world data sourced directly from distribution networks are utilized. Additionally, we carefully assess how well statistical methods work and compare them to AI techniques by testing them with real data. The artificial neural network (ANN) accurately identifies various consumer types, exhibiting a frequency error of 7.62%. In contrast, the K-means algorithm shows a slightly higher frequency error of 9.26%, while the adaptive neuro-fuzzy inference system (ANFIS) fails to detect the initial anomaly type, resulting in a frequency error of 11.11%. Our research suggests that AI can make finding irregularities in electricity consumption even more effective. This approach, especially when using data from smart meters, can help us discover problems and safeguard distribution networks.
25

Rovatsos, Georgios, George V. Moustakides, and Venugopal V. Veeravalli. "Quickest Detection of Moving Anomalies in Sensor Networks." IEEE Journal on Selected Areas in Information Theory 2, no. 2 (June 2021): 762–73. http://dx.doi.org/10.1109/jsait.2021.3076043.

26

Tian, Hui, Jingtian Liu, and Meimei Ding. "Promising techniques for anomaly detection on network traffic." Computer Science and Information Systems 14, no. 3 (2017): 597–609. http://dx.doi.org/10.2298/csis170201018h.

Abstract:
In various networks, anomalies may happen due to network breakdown, intrusion detection, and end-to-end traffic changes. To detect these anomalies is important in diagnosis, fault report, capacity plan and so on. However, it's challenging to detect these anomalies with high accuracy rate and time efficiency. Existing works are mainly classified into two streams, anomaly detection on link traffic and on global traffic. In this paper we discuss various anomaly detection methods on both types of traffic and compare their performance.
27

García González, Gastón, Pedro Casas, Alicia Fernández, and Gabriel Gómez. "On the Usage of Generative Models for Network Anomaly Detection in Multivariate Time-Series." ACM SIGMETRICS Performance Evaluation Review 48, no. 4 (May 17, 2021): 49–52. http://dx.doi.org/10.1145/3466826.3466843.

Abstract:
Despite the many attempts and approaches for anomaly detection explored over the years, the automatic detection of rare events in data communication networks remains a complex problem. In this paper we introduce Net-GAN, a novel approach to network anomaly detection in time-series, using recurrent neural networks (RNNs) and generative adversarial networks (GAN). Different from the state of the art, which traditionally focuses on univariate measurements, Net-GAN detects anomalies in multivariate time-series, exploiting temporal dependencies through RNNs. Net-GAN discovers the underlying distribution of the baseline, multivariate data, without making any assumptions on its nature, offering a powerful approach to detect anomalies in complex, difficult to model network monitoring data. We further exploit the concepts behind generative models to conceive Net-VAE, a complementary approach to Net-GAN for network anomaly detection, based on variational auto-encoders (VAE). We evaluate Net-GAN and Net-VAE in different monitoring scenarios, including anomaly detection in IoT sensor data, and intrusion detection in network measurements. Generative models represent a promising approach for network anomaly detection, especially when considering the complexity and ever-growing number of time-series to monitor in operational networks.
28

Yan Lei. "Smart Network Forensics with Generative Adversarial Networks Leveraging Blockchain for Anomaly Detection and Immutable Audit Trails." Power System Technology 48, no. 1 (May 28, 2024): 1625–42. http://dx.doi.org/10.52783/pst.432.

Abstract:
Analyzing the specificity of the cybersecurity domain, the problem of ensuring the security and integrity of smart networks is multifaceted. This research explores the complexity of smart network forensics and seeks to meet these challenges through different approaches. First, to establish the subject of the investigation, the context is described, which includes factors such as ever-fluctuating network traffic and increasing threat types. Further, a thorough analysis of the literature and research work available in the field of network forensics, anomaly detection methodologies, generative adversarial networks, and blockchain technology brings new perspectives and information to the discussion. From this perspective, the proposed methodology contributes towards devising a novel concept. Drawing on the prospects of using GANs for detecting anomalies, this research investigates how GANs can be employed to add synthetic data to training sets and improve the efficiency of smart networks in detecting anomalies. Similarly, Blockchain becomes a valuable asset in creating unalterable audit trails, and providing accountability and recoverability of any examined evidence. By incorporating these state-of-the-art approaches into the proposed work, this research aims at enhancing the reliability of smart network forensics to advance more effective cybersecurity awareness and threat analysis in complex and ever-evolving networks. DOI: https://doi.org/10.52783/pst.432
29

Kuang, Ye, Dandan Li, Xiaohong Huang, and Mo Zhou. "On the Modeling of RTT Time Series for Network Anomaly Detection." Security and Communication Networks 2022 (May 6, 2022): 1–13. http://dx.doi.org/10.1155/2022/5499080.

Abstract:
Network anomalies can seriously influence the performance of networks and cause huge financial losses. Existing studies modeled the round-trip time (RTT) time series of each link and identified their abnormal patterns independently to detect the network anomalies. However, they rarely investigated the correlation among links, and they rarely considered the goodness of fit and complexity in model selection, which led to low timeliness and accuracy of detection. They failed to understand the impact of network anomalies. In this work, we propose the RTS detection approach to address these challenges. Specifically, we, firstly, propose a link clustering method to cluster the links into different classes based on the topological location of pairwise links and the similarity between their RTT time series. Then, for each class of links, we consider the goodness of fit and complexity in model selection and select the suitable model to analyze their RTT time series. Finally, we propose a detection method to detect the network anomalies by observing the deviation between the probability density distribution of the current RTT values and the reference value. We perform experiments with data from public measurement infrastructures like RIPE Atlas to evaluate the performance of our approach. The results show that our approach can not only reduce the detection time and improve the accuracy of detection effectively but also can roughly evaluate the impact of network anomalies.
30

Hajirahimova, Makrufa, and Leyla Yusifova. "Experimental Study of Machine Learning Methods in Anomaly Detection." Problems of Information Technology 13, no. 1 (January 24, 2022): 9–19. http://dx.doi.org/10.25045/jpit.v13.i1.02.

Abstract:
Recently, the widespread usage of computer networks has led to the increase of network threats and attacks. Existing security systems and devices are insufficient in the detection of intruders' attacks on network infrastructure, and they are considered to be outdated for storing and analyzing large network traffic data in terms of size, speed, and diversity. Detection of anomalies in network traffic data is one of the most important issues in providing network security. In the paper, we investigate the possibility of using machine learning algorithms in the detection of anomalies – DoS attacks in computer network traffic data on the WEKA software platform. An ensemble model consisting of several unsupervised classification algorithms has been proposed to increase the efficiency of classification algorithms. The effectiveness of the proposed model was studied using the NSL-KDD database. The proposed approach showed a higher accuracy in the detection of anomalies compared to the results shown by the classification algorithms separately.
31

Zehra, Sehar, Ummay Faseeha, Hassan Jamil Syed, Fahad Samad, Ashraf Osman Ibrahim, Anas W. Abulfaraj, and Wamda Nagmeldin. "Machine Learning-Based Anomaly Detection in NFV: A Comprehensive Survey." Sensors 23, no. 11 (June 5, 2023): 5340. http://dx.doi.org/10.3390/s23115340.

Abstract:
Network function virtualization (NFV) is a rapidly growing technology that enables the virtualization of traditional network hardware components, offering benefits such as cost reduction, increased flexibility, and efficient resource utilization. Moreover, NFV plays a crucial role in sensor and IoT networks by ensuring optimal resource usage and effective network management. However, adopting NFV in these networks also brings security challenges that must be promptly and effectively addressed. This survey paper focuses on exploring the security challenges associated with NFV. It proposes the utilization of anomaly detection techniques as a means to mitigate the potential risks of cyber attacks. The research evaluates the strengths and weaknesses of various machine learning-based algorithms for detecting network-based anomalies in NFV networks. By providing insights into the most efficient algorithm for timely and effective anomaly detection in NFV networks, this study aims to assist network administrators and security professionals in enhancing the security of NFV deployments, thus safeguarding the integrity and performance of sensors and IoT systems.
32

Radivilova, Tamara, Lyudmyla Kirichenko, Maksym Tawalbeh, and Andrii Ilkov. "DETECTION OF ANOMALIES IN THE TELECOMMUNICATIONS TRAFFIC BY STATISTICAL METHODS." Cybersecurity: Education, Science, Technique 11, no. 3 (2021): 183–94. http://dx.doi.org/10.28925/2663-4023.2021.11.183194.

Abstract:
Anomaly detection is an important task in many areas of human life. Many statistical methods are used to detect anomalies. In this paper, statistical methods of data analysis, such as survival analysis, time series analysis (fractal), classification method (decision trees), cluster analysis, entropy method were chosen to detect anomalies. A description of the selected methods is given. To analyze anomalies, the traffic and attack implementations from an open dataset were taken. More than 3 million packets from the dataset were used to analyze the described methods. The dataset contained legitimate traffic (75%) and attacks (25%). Simulation modeling of the selected statistical methods was performed on the example of network traffic implementations of telecommunication networks of different protocols. To implement the simulation, programs were written in the Python programming language. DDoS attacks, UDP-flood, TCP SYN, ARP attacks and HTTP-flood were chosen as anomalies. A comparative analysis of the performance of these methods to detect anomalies (attacks) on such parameters as the probability of anomaly detection, the probability of false positive detection, the running time of each method to detect the anomaly was carried out. Experimental results showed the performance of each method. The decision tree method is the best in terms of anomaly identification probability, fewer false positives, and anomaly detection time. The entropy analysis method is slightly slower and gives slightly more false positives. Next is the cluster analysis method, which is slightly worse at detecting anomalies. Then the fractal analysis method showed a lower probability of detecting anomalies, a higher probability of false positives and a longer running time. The worst was the survival analysis method.
33

Sousa, Inês Sousa, António Casimiro, and José Cecílio. "Artificial Neural Networks for Real-Time Data Quality Assurance." ACM SIGAda Ada Letters 42, no. 1 (December 15, 2022): 86–89. http://dx.doi.org/10.1145/3577949.3577966.

Abstract:
Wireless Sensor Networks used in aquatic environments for continuous monitoring are typically subject to physical or environmental factors that create anomalies in collected data. A possible approach to identify and correct these anomalies, hence to improve the quality of data, is to use artificial neural networks, as done by the previously proposed ANNODE (Artificial Neural Network-based Outlier Detection) framework [1]. In this paper we propose ANNODE+, which extends the ANNODE framework by detecting missing data in addition to outliers. We also describe the design and implementation of ANNODE+, implemented in Python to exploit readily available machine learning (ML) tools and libraries, also allowing online processing of incoming measurements. To evaluate the ANNODE+ capabilities, we used a dataset from a sensor deployment in Seixal's bay, Portugal. This dataset includes measurements of water level, temperature and salinity. We observed that our implementation of ANNODE+ performed as intended, being able to detect injected anomalies and successfully correcting them.
34

Komadina, Adrian, Ivan Kovačević, Bruno Štengl, and Stjepan Groš. "Comparative Analysis of Anomaly Detection Approaches in Firewall Logs: Integrating Light-Weight Synthesis of Security Logs and Artificially Generated Attack Detection." Sensors 24, no. 8 (April 20, 2024): 2636. http://dx.doi.org/10.3390/s24082636.

Abstract:
Detecting anomalies in large networks is a major challenge. Nowadays, many studies rely on machine learning techniques to solve this problem. However, much of this research depends on synthetic or limited datasets and tends to use specialized machine learning methods to achieve good detection results. This study focuses on analyzing firewall logs from a large industrial control network and presents a novel method for generating anomalies that simulate real attacker actions within the network without the need for a dedicated testbed or installed security controls. To demonstrate that the proposed method is feasible and that the constructed logs behave as one would expect real-world logs to behave, different supervised and unsupervised learning models were compared using different feature subsets, feature construction methods, scaling methods, and aggregation levels. The experimental results show that unsupervised learning methods have difficulty in detecting the injected anomalies, suggesting that they can be seamlessly integrated into existing firewall logs. Conversely, the use of supervised learning methods showed significantly better performance compared to unsupervised approaches and a better suitability for use in real systems.
35

Rajaboevich, Gulomov Sherzod, and Ganiev Abdukhalil Abdujalilovich. "Methods and models of protecting computer networks from un-wanted network traffic." International Journal of Engineering & Technology 7, no. 4 (September 24, 2018): 2541. http://dx.doi.org/10.14419/ijet.v7i4.14744.

Abstract:
In this article, a method of measuring network traffic to collect data about the header of packets and to analyze the traffic dump in computer networks is offered. A method for detecting anomalies and a formal model for protecting information from DDoS attacks, which make it possible to simplify the development of filter rule sets and improve the efficiency of computer networks, taking into account the interaction of detection modules and the use of formal set-theoretic constructions, are proposed.
36

Dymora, Paweł, and Mirosław Mazurek. "Anomaly Detection in IoT Communication Network Based on Spectral Analysis and Hurst Exponent." Applied Sciences 9, no. 24 (December 6, 2019): 5319. http://dx.doi.org/10.3390/app9245319.

Abstract:
Internet traffic monitoring is a crucial task for the security and reliability of communication networks and Internet of Things (IoT) infrastructure. This description of the traffic statistics is used to detect traffic anomalies. Nowadays, intruders and cybercriminals use different techniques to bypass existing intrusion detection systems based on signature detection and anomalies. In order to more effectively detect new attacks, a model of anomaly detection using the Hurst exponent vector and the multifractal spectrum is proposed. It is shown that a multifractal analysis shows a sensitivity to any deviation of network traffic properties resulting from anomalies. Proposed traffic analysis methods can be ideal for protecting critical data and maintaining the continuity of internet services, including the IoT.
37

Mandrikova, O. V. "Intelligent methods for natural data analysis: application to space weather." Computer Optics 48, no. 1 (February 2024): 139–48. http://dx.doi.org/10.18287/2412-6179-co-1367.

Abstract:
The paper describes methods for detecting anomalies in geophysical monitoring data. This work studies a highly relevant class of problems in this area, aimed at creating methods for space weather forecasting. The negative impact of space weather anomalies on human health and practically all modern infrastructure objects requires the development of methods and the creation of effective means of detecting anomalies. Threshold wavelet filtering methods widely used for data analysis and anomaly detection allow one to obtain fairly accurate estimates using a “greed” strategy, even in the case of incomplete noise data. With this approach, the signal is estimated by isolating coherent structures. But these methods have high computational complexity, failing to provide accurate estimates when the signal-to-noise ratio is low. For such signals, we propose using adaptive probabilistic thresholds. Threshold function parameters are introduced that make it possible to estimate the variability of the process, suppress noise, and detect nonstationary features of different time-frequency structures. The paper also considers ways to combine threshold wavelet filtering with neural networks of the NARX and Autoencoder architectures. Schemes for the implementation of such approaches in the problems of detecting space weather anomalies are proposed. Using the problem of detecting ionospheric anomalies as an example, the efficiency of combining threshold wavelet filtering with the NARX network is shown. The efficiency of network sharing an Autoencoder with adaptive wavelet threshold filtering is shown in the problem of anomaly detection in cosmic ray flux intensity data.
38

Habeeb, Mohammed Sayeeduddin, and Tummala Ranga Babu. "MS-CFFS: Multistage Coarse and Fine Feature Selecton for Advanced Anomaly Detection in IoT Security Networks." International Journal of Electrical and Electronics Research 12, no. 3 (July 25, 2024): 780–90. http://dx.doi.org/10.37391/ijeer.120308.

Abstract:
In recent years, the concept of Internet-of-Things (IoT) has increased in popularity, leading to a massive increase in both the number of connected devices and the volume of data they handle. With IoT devices constantly collecting and sharing large quantities of sensitive data, securing this data is of major concern, especially with the increase in network anomalies. A network-based anomaly detection system serves as a crucial safeguard for IoT networks, aiming to identify irregularities in the network entry point by continuously monitoring traffic. Although the research community has contributed more to this field, the security system still faces several challenges with detecting these anomalies, often resulting in a high rate of false alarms and missed detections when it comes to classifying network traffic and computational complexity. Seeing this, we propose a novel method to increase the capabilities of Anomaly Detection in IoT. This study introduces the deep learning (DL) based Multistage Coarse and Fine Feature Selection (MS-CFFS), to improve anomaly detection techniques devised for IoT security frameworks. The proposed feature selection is done in two stages. The MS-CFFS, utilizing a deep learning-based dual-stage feature selection, substantially improves NIDS efficacy. The results confirm MS-CFFS's outstanding classification accuracy at 99.93%, with a remarkably low FAR of 0.05% and FNR of 0.11%. These achievements stem from refining the feature set to 28 pivotal features, thus notably cutting computational complexity without sacrificing precision. Furthermore, a comparative analysis with leading-edge approaches validates the preeminence of our proposed MS-CFFS in the domain of network security.
39

López-Vizcaíno, Manuel, Carlos Dafonte, Francisco Nóvoa, Daniel Garabato, and M. Álvarez. "Network Data Unsupervised Clustering to Anomaly Detection." Proceedings 2, no. 18 (September 17, 2018): 1173. http://dx.doi.org/10.3390/proceedings2181173.

Abstract:
In these days, organizations rely on the availability and security of their communication networks to perform daily operations. As a result, network data must be analyzed in order to provide an adequate level of security and to detect anomalies or malfunctions in the systems. Due to the increase of devices connected to these networks, the complexity to analyze data related to its communications also grows. We propose a method, based on Self-Organized Maps, which combine numerical and categorical features, to ease communication network data analysis. Also, we have explored the possibility of using different sources of data.
40

Meneganti, M., F. S. Saviello, and R. Tagliaferri. "Fuzzy neural networks for classification and detection of anomalies." IEEE Transactions on Neural Networks 9, no. 5 (1998): 848–61. http://dx.doi.org/10.1109/72.712157.

41

P, Bharathisindhu, and Dr S.SelvaBrunda. "Probability Model for Intrusion Detection System in Mobile Adhoc Network." International Journal of Engineering & Technology 7, no. 2.20 (April 18, 2018): 302. http://dx.doi.org/10.14419/ijet.v7i2.20.16722.

Abstract:
Wireless technologies increasingly exist everywhere in advanced networks; however, this new innovation accompanies its own set of challenges. The nodes in the wireless network are characteristically ‘open’ and viewable by all network scanners. Networks are protected using many firewalls and encryption software. Firewalls restrict access between networks to prevent intrusion and do not indicate an attack within the network. An Intrusion Detection System (IDS) is required which monitors the network, detects misbehavior or anomalies and notifies other nodes in the network to avoid or punish the misbehaving nodes. In this paper, we propose a probability-based IDS model that provides a generalized solution to detect a set of malicious nodes to improve the detection speed and accuracy.
42

.., Pallavi, and Sarika Chaudhary. "Maximizing Anomaly Detection Performance in Next-Generation Networks." Journal of Cybersecurity and Information Management 12, no. 2 (2023): 36–51. http://dx.doi.org/10.54216/jcim.120203.

Abstract:
The paper discusses major components of the proposed intrusion detection system as well as associated ideas. Dimensionality reduction solutions are highly valued for their potential to improve the efficiency of anomaly detection. Furthermore, feature selection and fusion methods are applied to optimise the system's capabilities. The following summary of network control, management, and cloud-based network processing aspects highlights operations managers, cloud resources, network function virtualization (NFV), and hardware and software components. We discuss prospective Deep Autoencoders (DAEs) applications, such as their use in the dimensionality reduction module, training methodologies, and benefits. Data transformation utilising coded representations is also graphically displayed and described in the text using an encoder and decoder system. The role of the anomaly detection via virtual network function in the suggested technique is also investigated. This component leverages a deep neural network (DNN) to identify anomalies in the 5G network's peripherals. DNN design issues, optimisation methodologies, and the trade-off between model complexity and detection efficacy are also discussed. Overall, the passage provides an overview of the proposed intrusion detection scheme, its components, and the techniques employed, underscoring their contributions to improving efficiency, accuracy, and security in Next Generation Networks.
43

Sun, Yumeng. "Unsupervised Wireless Network Model-Assisted Abnormal Warning Information in Government Management." Journal of Sensors 2021 (October 26, 2021): 1–12. http://dx.doi.org/10.1155/2021/1614055.

Abstract:
The data generated through telecommunication networks has grown exponentially in the last few years, and the resulting traffic data is unlikely to be processed and analyzed manually; in particular, detecting unintended traffic consumption from normal patterns remains an important issue. This area is critical because anomalies may lead to a reduction in network efficiency. The origin of these anomalies may be a technical problem in a cell or a fraudulent intrusion in the network. Usually, they need to be identified and fixed as soon as possible. Therefore, in order to identify these anomalies, data-driven systems using machine learning algorithms are developed with the aim of identifying anomalies from the raw data and alerting on their occurrence. Unsupervised learning methods can spontaneously describe the data structure and derive network patterns, which is effective for identifying unintended anomalous behavior and detecting new types of anomalies in a timely manner. In this paper, we use different unsupervised models to analyze traffic data in wireless networks, focusing on models that analyze traffic data combined with timeline information. The factor analysis method is used to derive the results of factor analysis, obtain the three major public factors and comprehensive factor scores, and combine the results with the BP neural network model to conduct a nonlinear simulation study on local governmental debt risk. A potential semantic analysis model based on Gaussian probability is presented and compared with other methods, and experimental results show that this model can provide a robust, over-the-top anomaly detection in a fully automated, data-driven solution.
44

Clausen, Henry, Gudmund Grov, and David Aspinall. "CBAM: A Contextual Model for Network Anomaly Detection." Computers 10, no. 6 (June 11, 2021): 79. http://dx.doi.org/10.3390/computers10060079.

Abstract:
Anomaly-based intrusion detection methods aim to combat the increasing rate of zero-day attacks; however, their success is currently restricted to the detection of high-volume attacks using aggregated traffic features. Recent evaluations show that the current anomaly-based network intrusion detection methods fail to reliably detect remote access attacks. These are smaller in volume and often only stand out when compared to their surroundings. Currently, anomaly methods try to detect access attack events mainly as point anomalies and neglect the context they appear in. We present and examine a contextual bidirectional anomaly model (CBAM) based on deep LSTM-networks that is specifically designed to detect such attacks as contextual network anomalies. The model efficiently learns short-term sequential patterns in network flows as conditional event probabilities. Access attacks frequently break these patterns when exploiting vulnerabilities, and can thus be detected as contextual anomalies. We evaluated CBAM on an assembly of three datasets that provide both representative network access attacks, real-life traffic over a long timespan, and traffic from a real-world red-team attack. We contend that this assembly is closer to a potential deployment environment than current NIDS benchmark datasets. We show that, by building a deep model, we are able to reduce the false positive rate to 0.16% while effectively detecting six out of seven access attacks, which is significantly lower than the operational range of other methods. We further demonstrate that short-term flow structures remain stable over long periods of time, making the CBAM robust against concept drift.
45

Yu, Xiang, Hui Lu, Xianfei Yang, Ying Chen, Haifeng Song, Jianhua Li, and Wei Shi. "An adaptive method based on contextual anomaly detection in Internet of Things through wireless sensor networks." International Journal of Distributed Sensor Networks 16, no. 5 (May 2020): 155014772092047. http://dx.doi.org/10.1177/1550147720920478.

Abstract:
With the widespread propagation of Internet of Things through wireless sensor networks, massive amounts of sensor data are being generated at an unprecedented rate, resulting in very large quantities of explicit or implicit information. When analyzing such sensor data, it is of particular importance to detect accurately and efficiently not only individual anomalous behaviors but also anomalous events (i.e. patterns of behaviors). However, most previous work has focused only on detecting anomalies while generally ignoring the correlations between them. Even in approaches that take into account correlations between anomalies, most disregard the fact that the anomaly status of sensor data changes over time. In this article, we propose an unsupervised contextual anomaly detection method in Internet of Things through wireless sensor networks. This method accounts for both a dynamic anomaly status and correlations between anomalies based contextually on their spatial and temporal neighbors. We then demonstrate the effectiveness of the proposed method in an anomaly detection model. The experimental results show that this method can accurately and efficiently detect not only individual anomalies but also anomalous events.
46

Meleshko, Alexey, Anton Shulepov, Vasily Desnitsky, and Evgenia Novikova. "Integrated approach to revelation of anomalies in wireless sensor networks for water control cases." Computer Tools in Education, no. 1 (March 28, 2021): 58–67. http://dx.doi.org/10.32603/2071-2340-2021-1-59-68.

Abstract:
This article describes an approach to revelation of anomalies for Wireless Sensor Networks (WSN). It is based on the integration of visual data analysis techniques and data mining techniques. Feasibility of the approach has been confirmed on a demo case for WSN water management scenario. For verification we developed a software/hardware prototype of the network and a software model to generate the necessary data sets for the establishment of detection models and their investigation. The experiments carried out have shown a high quality of detection, which shows the applicability of the integrated approach to revelation of anomalies for use in practical cases.
47

Khilar, Rashmita, K. Mariyappan, Mary Subaja Christo, J. Amutharaj, T. Anitha, T. Rajendran, and Areda Batu. "Artificial Intelligence-Based Security Protocols to Resist Attacks in Internet of Things." Wireless Communications and Mobile Computing 2022 (April 5, 2022): 1–10. http://dx.doi.org/10.1155/2022/1440538.

Abstract:
IoT (Internet of Things) usage in industrial and scientific domains is progressively increasing. Currently, IoTs are utilized in numerous applications in different domains, such as communication technology, environmental monitoring, agriculture, medical services, and manufacturing purposes. However, from a security perspective, IoT systems are vulnerable to various intrusions and attacks. It is essential to create an intrusion detection model to detect and secure the network from different attacks and anomalies that continually happen in the network. In this paper, the anomaly detection model for an IoT network using deep neural networks (DNN) with chicken swarm optimization (CSO) algorithm was proposed. Presently, the DNN has demonstrated its efficiency in different fields that are applicable to its usage. Deep learning is a type of algorithm based on machine learning which uses many layers to gradually extract more significant, higher-level features from the raw inputs. The UNSW-NB15 dataset was utilized to evaluate the anomaly detection model. The proposed model obtained 94.85% accuracy and 96.53% detection rate, which is better than other compared techniques like GA-NB, GSO, and PSO for validation. The DNN-CSO model has performed well in detecting most of the attacks, and it is appropriate for detecting anomalies in the IoT network.
48

Dymora, Paweł, and Mirosław Mazurek. "An Innovative Approach to Anomaly Detection in Communication Networks Using Multifractal Analysis." Applied Sciences 10, no. 9 (May 8, 2020): 3277. http://dx.doi.org/10.3390/app10093277.

Abstract:
Fractal and multifractal analysis can help to discover the structure of the communication system, and in particular the pattern and characteristics of traffic, in order to understand the threats better and detect anomalies in network operation. The massive increase in the amount of data transmitted by different devices makes these systems the target of various types of attacks by cybercriminals. This article presents the use of fractal analysis in detecting threats and anomalies. The issues related to the construction and functioning of the Security Operations Centre (SOC) are presented. To examine the correctness of SOC, several attacks on virtual systems located in the network were carried out, such as Denial of Service (DoS) attack, brute force, malware infections, exploits. Based on data collected from monitoring and devices, the response to the event was analyzed, and multifractal spectra of network traffic before and during the incident were created. The collected information allows us to verify the theses and confirm the effectiveness of multifractal methods in detecting anomalies in the operation of any Information and Communication Technology (ICT) network. Such solutions will contribute to the development of advanced intrusion detection systems (IDS).
49

Patel, Darsh, Kathiravan Srinivasan, Chuan-Yu Chang, Takshi Gupta, and Aman Kataria. "Network Anomaly Detection inside Consumer Networks—A Hybrid Approach." Electronics 9, no. 6 (June 1, 2020): 923. http://dx.doi.org/10.3390/electronics9060923.

Abstract:
With an increasing number of Internet of Things (IoT) devices in the digital world, the attack surface for consumer networks has been increasing exponentially. Most of the compromised devices are used as zombies for attacks such as Distributed Denial of Services (DDoS). Consumer networks, unlike most commercial networks, lack the infrastructure such as managed switches and firewalls to easily monitor and block undesired network traffic. To counter such a problem with limited resources, this article proposes a hybrid anomaly detection approach that detects irregularities in the network traffic implicating compromised devices by using only elementary network information like Packet Size, Source, and Destination Ports, Time between subsequent packets, Transmission Control Protocol (TCP) Flags, etc. Essential features can be extracted from the available data, which can further be used to detect zero-day attacks. The paper also provides the taxonomy of various approaches to classify anomalies and description on capturing network packets inside consumer networks.
50

Imtiaz, Syed Ibrahim, Liaqat Ali Khan, Ahmad S. Almadhor, Sidra Abbas, Shtwai Alsubai, Michal Gregus, and Zunera Jalil. "Efficient Approach for Anomaly Detection in Internet of Things Traffic Using Deep Learning." Wireless Communications and Mobile Computing 2022 (September 10, 2022): 1–15. http://dx.doi.org/10.1155/2022/8266347.

Abstract:
The network intrusion detection system (NIDs) is a significant research milestone in information security. NIDs can scan and analyze the network to detect an attack or anomaly, which may be a continuing intrusion or perhaps an intrusion that has just occurred. During the pandemic, cybercriminals realized that home networks lurked with vulnerabilities due to a lack of security and computational limitations. A fundamental difficulty in NIDs is providing an effective, robust, lightweight, and rapid framework to perform real-time intrusion detection. This research proposes an efficient, functional cybersecurity approach based on machine/deep learning algorithms to detect anomalies using lightweight network-based IDs. A lightweight, real-time, network-based anomaly detection system can be used to secure connected IoT devices. The UNSW-NB15 dataset is used to evaluate the proposed approach DeepNet and compare results alongside other state-of-the-art existing techniques. For the classification of network-based anomalies, the proposed model achieves 99.16% accuracy by using all features and 99.14% accuracy after feature reduction. The experimental results show that the network anomalies depend exceptionally on features selected after selection.