Skip to main content

Advertisement

SpringerLink
Log in

NEAE: NeuroEvolution AutoEncoder for anomaly detection in internet traffic data

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Abnormal behaviors degrade overall system efficiency and may lead to system suspension. Extensive academic research has focused on anomaly detection across various sectors, including industrial, information security, and artificial intelligence. In this study, we propose a NeuroEvolution AutoEncoder (NEAE) for classifying and predicting abnormalities in internet-based applications. The NEAE is genetically programmed to process dataset features that encompass abnormal behaviors in internet activities. Our approach targets multivariate anomalies using parallel dimension processing, aiming for synchronized intelligence. Genetic programming is central to our technique, enhancing optimization. We evaluate our proposed technique using a substantial internet-based dataset, specifically network traffic. Simulation results demonstrate the effectiveness of the NEAE in detecting abnormalities based on performance metrics. Given its relevance and integration with diverse industries such as the Internet of Things, wireless communication, network traffic, and the web, we choose an Internet-based application dataset to validate the NEAE’s performance.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Algorithm 1
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

Availability of data and materials

Available on requests

Code availability

Available on request

References

  1. Chandola V, Banerjee A, Kumar V (2009) Anomaly detection: a survey. ACM Comput Surveys (CSUR) 41(3):1–58

    Article  Google Scholar 

  2. Mahesh B (2020) Machine learning algorithms-a review. Int J Sci Res (IJSR). 9:381–386

    Google Scholar 

  3. Pang G, Shen C, Cao L, Hengel AVD (2021) Deep learning for anomaly detection: a review. ACM Comput Surv (CSUR) 54(2):1–38

    Article  Google Scholar 

  4. Omar S, Ngadi A, Jebur HH (2013) Machine learning techniques for anomaly detection: an overview. Int J Comput Appl 79(2)

  5. Nassif AB, Talib MA, Nasir Q, Dakalbab FM (2021) Machine learning for anomaly detection: A systematic review. Ieee Access 9:78658–78700

    Article  Google Scholar 

  6. Galván E, Mooney P (2021) Neuroevolution in deep neural networks: current trends and future challenges. IEEE Trans Artif Intell 2(6):476–493

    Article  Google Scholar 

  7. Lang S, Reggelin T, Schmidt J, Müller M, Nahhas A (2021) Neuroevolution of augmenting topologies for solving a two-stage hybrid flow shop scheduling problem: a comparison of different solution strategies. Expert Syst Appl 172:114666. https://doi.org/10.1016/j.eswa.2021.114666

    Article  Google Scholar 

  8. Goldstein M, Uchida S (2016) A comparative evaluation of unsupervised anomaly detection algorithms for multivariate data. PloS one 11(4):0152173

    Article  Google Scholar 

  9. Javaheri D, Gorgin S, Lee J-A, Masdari M (2023) Fuzzy logic-based ddos attacks and network traffic anomaly detection methods: classification, overview, and future perspectives. Inf Sci

  10. Jonker M, Hofstede R, Sperotto A, Pras A (2015) Unveiling flat traffic on the internet: an ssh attack case study. In: 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), pp. 270–278. IEEE

  11. Al-Bataineh A, White G (2012) Analysis and detection of malicious data exfiltration in web traffic. In: 2012 7th International Conference on Malicious and Unwanted Software, pp. 26–31. IEEE

  12. Shalyga D, Filonov P, Lavrentyev A (2018) Anomaly detection for water treatment system based on neural network with automatic architecture optimization. arXiv preprint arXiv:1807.07282

  13. Mirjalili S, Mirjalili SM, Hatamlou A (2016) Multi-verse optimizer: a nature-inspired algorithm for global optimization. Neural Comput Appl 27:495–513

    Article  Google Scholar 

  14. Öney MU (2019) A comparative study of neural network approaches in network anomaly detection. Master’s thesis, Fen Bilimleri Enstitüsü

  15. Albawi S, Mohammed TA, Al-Zawi S (2017) Understanding of a convolutional neural network. In: 2017 International Conference on Engineering and Technology (ICET), pp. 1–6. Ieee

  16. Agnelli JP, Garau EM, Morin P (2014) A posteriori error estimates for elliptic problems with dirac measure terms in weighted spaces. ESAIM: Mathematical Modelling and Numerical Analysis-Modélisation Mathématique et Analyse Numérique 48(6), 1557–1581

  17. Poe GL, Giraud KL, Loomis JB (2005) Computational methods for measuring the difference of empirical distributions. Am J Agric Econ 87(2):353–365

    Article  Google Scholar 

  18. Forrest S (1996) Genetic algorithms. ACM Comput Surv (CSUR) 28(1):77–80

    Article  Google Scholar 

  19. Manaswi NK, Manaswi NK (2018) Understanding and working with keras. Deep learning with applications using Python: Chatbots and face, object, and speech recognition with TensorFlow and Keras, 31–43

  20. Sharma S, Sharma S, Athaiya A (2017) Activation functions in neural networks. Towards Data Sci 6(12):310–316

    Google Scholar 

  21. Lee DK, In J, Lee S (2015) Standard deviation and standard error of the mean. Korean J Anesthesiol 68(3):220–223

    Article  MathSciNet  PubMed  PubMed Central  Google Scholar 

  22. Leevy JL, Khoshgoftaar TM (2020) A survey and analysis of intrusion detection models based on cse-cic-ids2018 big data. J Big Data 7(1):1–19

    Article  Google Scholar 

  23. Yang X-S (2011) Metaheuristic optimization. Scholarpedia 6(8):11472

    Article  ADS  Google Scholar 

  24. Moustafa N, Creech G, Sitnikova E, Keshk M (2017) Collaborative anomaly detection framework for handling big data of cloud computing. In: 2017 Military Communications and Information Systems Conference (MilCIS), pp. 1–6. IEEE

  25. Danielsson P-E (1980) Euclidean distance mapping. Comput Graph Image Process 14(3):227–248

    Article  Google Scholar 

  26. Naoum RS, Abid NA, Al-Sultani ZN (2012) An enhanced resilient backpropagation artificial neural network for intrusion detection system. Int J Comput Sci Netw Secur (IJCSNS) 12(3):11

    Google Scholar 

  27. Tsai C-F, Lin C-Y (2010) A triangle area based nearest neighbors approach to intrusion detection. Patt Recogn 43(1):222–229

    Article  ADS  Google Scholar 

Download references

Funding

The research has no funding

Author information

Authors and Affiliations

  1. Faculty of Electrical and Computer Engineering, University of Tabriz, 29 Bahman Boulevard, Tabriz, East Azerbaijan Province, 5166616471, Iran

    Ali Jameel Hashim, M. A. Balafar & Jafar Tanha

Authors
  1. Ali Jameel Hashim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. M. A. Balafar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jafar Tanha
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

AA: mathematics, coding, analysis, programming, writing, illustrating; JT: Supervision; MB Supervision

Corresponding author

Correspondence to Ali Jameel Hashim.

Ethics declarations

Conflict of interest

The research doesn’t have any conflict of interest

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendices

Appendix

Average results across generations (See Table 6)

Table 6 The results of NEAE across generations
Full size table

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Hashim, A.J., Balafar, M.A. & Tanha, J. NEAE: NeuroEvolution AutoEncoder for anomaly detection in internet traffic data. J Supercomput 80, 6746–6777 (2024). https://doi.org/10.1007/s11227-023-05715-0

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-023-05715-0

Keywords

Search

Navigation