Network Data Classification through Artificial Neural Networks and GenClust++ Algorithm

Information systems are becoming more and more complex and closely linked due to the exponential use of internet applications. These systems are encountering an enormous amount of traffic, this traffic can be a normal one destined for natural use or it may be a malicious one intended to violate the security of the system. Therefore, a defense method needs to be in place. One of the commonly used tools for network security is the Intrusion Detection System (IDS). An IDS, while ensuring real - time connectivity, tries to identify fraudulent activity using predetermined signatures or pre-established network behavior while monitoring incoming traffic. Intrusion detection systems based on signature or behavior cannot detect new attacks and fall when small deviations occur. Also, current anomaly detection approaches suffer often from high false alarms. As a solution to these problems, machine learning techniques are a new and promising tool for the identification of attacks. In this paper, the authors present a hybrid approach, combining artificial neural networks and a hybrid clustering algorithm based on k-means and genetic algorithm called GenClust++. The final framework leads to a fast, highly scalable and precise packets classification system. We tested our work on the newly published dataset CICIDS 2017. The overall process was fast, showing high accuracy classification results.