ANOMALY DETECTION IN NETWORK TRAFFIC USING UNSUPERVISED MACHINE LEARNING APPROACH

Abstract

Intrusion detection can identify unknown attacks from network traffics and has been an effective means of network security. Nowadays, existing methods for network anomaly detection are usually based on traditional machine learning models, such as KNN, SVM, etc. Although these methods can obtain some outstanding features, they get a relatively low accuracy and rely heavily on manual design of traffic features, which has been obsolete in the age of big data. To solve the problems of low accuracy and feature engineering in intrusion detection, a traffic anomaly detection model is proposed. The model combines LINEAR REGRESSION, attention mechanism. It can well describe the network traffic behaviour and improve the ability of anomaly detection effectively. We test our model on a public benchmark dataset, and the experimental results demonstrate our model has better performance than other comparison methods.

Keywords: Anomaly Detection, Isolation Forest, Machine Learning, Intrusion Detection System, Linear Regression, KNN, SVM