Detecting anomalies and attacks in network traffic monitoring with classification methods and XAI-based explainability

Cited by: 9
Authors
Wawrowski, Lukasz [1]
Michalak, Marcin [1]
Bialas, Andrzej [1]
Kurianowicz, Rafal [1]
Sikora, Marek [2]
Uchronski, Mariusz [3]
Kajzer, Adrian [3]
Affiliations
[1] Inst Innovat Technol EMAG, Res Network Lukasiewicz, Ul Leopolda 31, PL-40189 Katowice, Poland
[2] Silesian Tech Univ, Dept Comp Networks & Syst, Ul Akad 16, PL-44100 Gliwice, Poland
[3] Wroclaw Univ Sci & Technol, Wroclaw Ctr Networking & Supercomp, Wybrzeze Wyspianskiego 27, PL-50370 Wroclaw, Poland
Source
KNOWLEDGE-BASED AND INTELLIGENT INFORMATION & ENGINEERING SYSTEMS (KSE 2021) | 2021 / Vol. 192
Keywords
anomaly detection; classification; network traffic security; explainable artificial intelligence; OUTLIERS;
DOI
10.1016/j.procs.2021.08.239
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Assuring the network traffic safety is a very important issue in a variety of today's industries. Therefore, the development of anomalies and attacks detection methods has been the goal of analyses. In the paper the binary classification-based approach to network traffic safety monitoring is presented. The well known methods were applied to artificially modified network traffic data and their detection capabilities were tested. More detailed interpretation of the nature of detected anomalies is carried out with the help of the XAI approach. For the purpose of experiments a new benchmark network traffic data set was prepared, which is now commonly available. (C) 2021 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0). Peer-review under responsibility of the scientific committee of KES International.
Pages: 2259-2268
Number of pages: 10