Abstract:
During the last decade, we have witnessed an ever-increasing growth of inter-connected devices (e.g. IoT, Cloud) and the security assessment of such networks has become m...Show MoreMetadata
Abstract:
During the last decade, we have witnessed an ever-increasing growth of inter-connected devices (e.g. IoT, Cloud) and the security assessment of such networks has become more and more essential. Identifying network anomalies represents a promising strategy to detect network intrusions, thefts to users privacy, system damage and fraudulent activities. Thanks to their ability to learn complex anomalies patterns in a complete data-driven fashion, deep neural networks have recently received an increasing attention. However, the application of such techniques is constrained by the peculiar characteristics of network traffic data, which is very sparse and noisy — due to the high number of devices generating data and Internet applications — and suffer from a high imbalance, i.e. anomalies typically occur 0.001-1% of the time. In this work, we handle the above-mentioned challenges with a simple pipeline: first, we identify samples with anomalous behavior by means of an autoencoder (AE); then, an attack classifier is used to assign anomalies to their attack type. We experiment our framework on a million-scale dataset of real-world network traffic data for anomaly detection, showing promising performance in terms of Precision, Recall and F1 scores.
Date of Conference: 26-28 October 2022
Date Added to IEEE Xplore: 05 December 2022
ISBN Information: