ABSTRACTS OF ARTICLES OF THE JOURNAL "INFORMATION TECHNOLOGIES".
No. 1. Vol. 30. 2024

DOI: 10.17587/it.30.32-41

S. O. Ivanov, Graduate Student,
The Ulianov Chuvash State University, Cheboksary, Russian Federation

A Technique for Creating and Training an Artificial Neural Network to Detect Network Traffic Anomalies

The article presents a technique for creating and training an artificial neural network to recognize network traffic anomalies, using relatively small samples of collected data to generate the training data. Various data sources for machine learning and approaches to network traffic analysis are considered. The data format and the method of generating the data from collected network traffic are described, as well as the steps of the methodology in detail. Using the technique, an artificial neural network was created and trained to recognize anomalies in ICMP network traffic. The results of testing and comparing various artificial neural network configurations and learning conditions for this task are presented. The artificial neural network trained according to the technique was tested on real network traffic. The presented technique can be applied without changes to detect anomalies in various network protocols and network traffic, given a suitable parameterizer and data markup.
Keywords: network traffic anomalies, artificial neural network, learning technique, machine learning

P. 32-41

Acknowledgements: The study was supported by the Ministry of Digital Development of Russia, project No. 14/22-к.


 

