Skip to main content
placeholder image

Autoperman: Automatic Network Traffic Anomaly Detection with��Ensemble Learning

Chapter


Abstract


  • Network traffic, which records users��� behaviors, is valuable data resources for diagnosing the health of the network. Mining anomaly in network is essential for network defense. Although traditional machine learning approaches have good performance, their dependence on huge training data set with expensive labels make them impractical. Furthermore, after complex hyperparameters tuning, the detection model may not work. Facing these challenges, in this paper, we propose Autoperman through supervised learning. In Autoperman, machine learning algorithms with fixed hyperparameters as feature extractors are integrated, which utilize a small amount of training data to be initialized. Then Random Forest is selected as the anomaly classifier and achieves automatic parameters tuning via well studied online optimization theory. We compare the performance of Autoperman against traditional anomaly detection algorithms using public traffic datasets. The results demonstrate that Autoperman can perform about 6.9%, 34.2%, 4.3%, 2.2%, 37.6 % better than L-SVM, NL-SVM, LR, MLP, K-means, respectively.

Publication Date


  • 2022

Edition


Citation


  • Han, S., Wu, Q., Zhang, H., Qin, B., Yao, J., & Susilo, W. (2022). Autoperman: Automatic Network Traffic Anomaly Detection with��Ensemble Learning. In Unknown Book (Vol. 1587 CCIS, pp. 616-628). doi:10.1007/978-3-031-06761-7_49

International Standard Book Number (isbn) 13


  • 9783031067600

Scopus Eid


  • 2-s2.0-85135053845

Web Of Science Accession Number


Book Title


  • Communications in Computer and Information Science

Start Page


  • 616

End Page


  • 628

Place Of Publication


Abstract


  • Network traffic, which records users��� behaviors, is valuable data resources for diagnosing the health of the network. Mining anomaly in network is essential for network defense. Although traditional machine learning approaches have good performance, their dependence on huge training data set with expensive labels make them impractical. Furthermore, after complex hyperparameters tuning, the detection model may not work. Facing these challenges, in this paper, we propose Autoperman through supervised learning. In Autoperman, machine learning algorithms with fixed hyperparameters as feature extractors are integrated, which utilize a small amount of training data to be initialized. Then Random Forest is selected as the anomaly classifier and achieves automatic parameters tuning via well studied online optimization theory. We compare the performance of Autoperman against traditional anomaly detection algorithms using public traffic datasets. The results demonstrate that Autoperman can perform about 6.9%, 34.2%, 4.3%, 2.2%, 37.6 % better than L-SVM, NL-SVM, LR, MLP, K-means, respectively.

Publication Date


  • 2022

Edition


Citation


  • Han, S., Wu, Q., Zhang, H., Qin, B., Yao, J., & Susilo, W. (2022). Autoperman: Automatic Network Traffic Anomaly Detection with��Ensemble Learning. In Unknown Book (Vol. 1587 CCIS, pp. 616-628). doi:10.1007/978-3-031-06761-7_49

International Standard Book Number (isbn) 13


  • 9783031067600

Scopus Eid


  • 2-s2.0-85135053845

Web Of Science Accession Number


Book Title


  • Communications in Computer and Information Science

Start Page


  • 616

End Page


  • 628

Place Of Publication