Anomaly Detection for Network Security
DOI:
https://doi.org/10.15379/ijmst.v10i1.1808Keywords:
Anomaly Detection, Network Attack, Autoencoder, Feature Selection, Data Resampling, Under sampling, CICIDS 2017Abstract
Today, network security is crucial due to the rapid development of network and internet technologies, as well as the continuous growth in network threats. Detecting network anomalies is one of the approaches that may be used to safeguard a network's security. Recent research has focused extensively on techniques for identifying abnormalities. Using the Autoencoder model together with data pre-processing techniques such as data resampling and feature selection, this research describes a novel approach for identifying network abnormalities. It has been shown that the suggested strategy is applicable to network intrusion data. A comparison of the reconstruction error to a threshold value determines whether the traffic data is normal or anomalous. CICIDS2017 dataset is selected to evaluate the implementation of the proposed Autoencoder model based on real-world, large-scale, current network traffic data The proposed model with data pre-processed achieved F1-Score of 76% which outperformed the baseline model without feature selection and data resampling in data pre-processing stages. This research project investigated the effect of data pre-processing techniques on the performance of the proposed Autoencoder. At the end of this research project, it is demonstrated that the proposed methodologies are applicable towards imbalanced network intrusion data.