Time-based Anomaly Detection using Autoencoder

Cited by: 20
Authors
Salahuddin, Mohammad A. [1]
Bari, Md Faizul [1]
Alameddine, Hyame Assem [1, 2]
Pourahmadi, Vahid [1]
Boutaba, Raouf [1]
Affiliations
[1] Univ Waterloo, David R Cheriton Sch Comp Sci, Waterloo, ON, Canada
[2] Ericsson Secur Res, Montreal, PQ, Canada
Source
2020 16TH INTERNATIONAL CONFERENCE ON NETWORK AND SERVICE MANAGEMENT (CNSM) | 2020
Funding
Natural Sciences and Engineering Research Council of Canada;
Keywords
Security management; distributed denial of service; anomaly detection; autoencoder; SYSTEM;
DOI
10.23919/cnsm50824.2020.9269112
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812 ;
Abstract
Distributed Denial of Service (DDoS) attacks continue to draw significant attention, especially with the recent surge in cyber attacks that targeted the healthcare, education and financial sectors, during the COVID-19 pandemic. The expansion of virtualization and softwarization technologies, and the surge in Internet of Things (IoT) devices, increase the attack surface and the impact of attacks on networks. In this paper, we present a novel time-based anomaly detection system that leverages an Autoencoder. We explore the impact of different time-windows on detecting multiple DDoS attacks that are difficult to detect via the widely used flow-based features. We train and evaluate our Autoencoder on the recent CICDDoS2019 dataset, and show that our approach achieves an anomaly detection F1-score of over 99% for most attacks and greater than 95% for all attacks.
Pages: 9