Detecting Network Anomalies in NetFlow Traffic with Machine Learning Algorithms

Cited by: 0
Authors
Quoc Vo [1]
Ea, Philippe [1]
Salem, Osman [1]
Mehaoua, Ahmed [1]
Affiliations
[1] Univ Paris Cite, Ctr Borelli, UMR 9010, Paris, France
Source
2024 IEEE 49TH CONFERENCE ON LOCAL COMPUTER NETWORKS, LCN 2024 | 2024
Keywords
Anomaly Detection; Deep Learning; Logistic Regression; Machine Learning; Naive Bayes; NetFlow Traffic; Random Forest; Recurrent Neural Network;
DOI
10.1109/LCN60385.2024.10639619
Chinese Library Classification number
TP3 [Computing technology, computer technology]
Discipline classification code
0812
Abstract
Early detection of anomalies in network traffic data is critical for robust cybersecurity. This study investigates the effectiveness of various Machine Learning and Deep Learning models for identifying anomalous patterns in NetFlow v9 traffic. We address data preprocessing challenges and explore feature engineering techniques to optimize anomaly detection system performance. Our study evaluates the performance of several models based on key metrics like accuracy, Area Under the Curve (AUC), and computational efficiency. The results highlight the strengths and limitations of each model, emphasizing the importance of balancing performance with real-world deployment feasibility. Random Forest emerged as the most effective model, achieving an accuracy of 93.8% and an AUC of 0.99. Additionally, it demonstrated superior training and testing times, requiring only 0.19 seconds for training and 0.23 microseconds per prediction. Conversely, the Recurrent Neural Network model exhibited limitations in training efficiency and overall performance. Through a nuanced analysis of model performance and computational considerations, this study contributes to advancing anomaly detection techniques for network security applications.
Pages: 8