ABSTRACTS OF ARTICLES OF THE JOURNAL "INFORMATION TECHNOLOGIES".
No. 1. Vol. 30. 2024
DOI: 10.17587/it.30.32-41
S. O. Ivanov, Graduate Student,
The Ulianov Chuvash State University, Cheboksary, Russian Federation
A Technique for Creating and Training an Artificial Neural Network to Detect Network Traffic Anomalies
The article presents a technique for creating and training an artificial neural network to recognize network traffic anomalies using relatively small samples of collected data to generate training data. Various data sources for machine learning and approaches to network traffic analysis are considered. The data format and the method of generating it from the collected network traffic are described, as well as the steps of the methodology in detail. Using the technique, an artificial neural network was created and trained for the task of recognizing anomalies in the network traffic of the ICMP protocol. The results of testing and comparing various artificial neural network configurations and learning conditions for a given task are presented. The artificial neural network trained according to the method was tested on real network traffic. The presented technique can be applied without changes to detect anomalies in various network protocols and network traffic, given a suitable parameterizer and data markup.
Keywords: network traffic anomalies, artificial neural network, learning technique, machine learning
P. 32-41
Acknowledgements: The study was supported by the Ministry of Digital Development of Russia, project No. 14/22-к.