Open AccessMulti Feature Selection based Network Traffic Anomaly Detection MethodOpen AccessAuthor(s)
Rui Wang,
Jiabin Fang,
Zhiye Yang,
Haiwei Li
Publication year2019
Publication title
journal of physics. conference series
Resource typeJournals
PublisherIOP Publishing
In this paper, a method is proposed to solve the difficult problem of the training model and the dynamic variability of the deployment environment. Firstly, the network traffic data is converted into numerical value and projected onto histograms of different dimensions to construct detection vectors. Based on the detection vector, some kinds of classifiers are compared. SVDD, which can handle high-dimensional data and has strong generalization ability, is chosen for anomaly detection. Secondly, in order to improve the true positive rate of detection and reduce training time, the classifier is trained continuously and trying various different combinations of features. Finally, a multi-step correlation detection algorithm is adopted to optimize the detection accuracy, and obvious abnormal samples are eliminated from the newly added samples, reducing the training cost and improving the classification accuracy. Through experiments based on a large amount of real network traffic data, the result demonstrate that the proposed method has higher accuracy and lower false alarm rate, and can effectively reduce the training cost.
Subject(s)anomaly detection , artificial intelligence , classifier (uml) , computer science , constant false alarm rate , data mining , feature selection , operating system , pattern recognition (psychology) , software deployment , support vector machine
Language(s)English
SCImago Journal Rank0.21
H-Index85
eISSN1742-6596
pISSN1742-6588
DOI10.1088/1742-6596/1288/1/012003
Seeing content that should not be on Zendy? Contact us.