A Multimodal Threat Detection Algorithm for Wide Area Network Security Based on Support Vector Machines

IF 1, Zone 4 Computer Science, Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING
Bo Yuan
Journal of Web Engineering, 24(6), pp. 973-996. Published 2025-09-01. DOI: 10.13052/jwe1540-9589.2465
https://ieeexplore.ieee.org/document/11194294/
Citations: 0

Abstract

Wide area networks (WANs) are increasingly susceptible to sophisticated cyber threats, particularly as critical infrastructure becomes more interconnected. For example, computing-first networks (CFNs) often traverse WANs at edge access nodes, making them more vulnerable to security threats. This paper proposes a multimodal threat detection framework that combines traffic statistics, system logs, and user behavior patterns to deliver interpretable and real-time classification of network threats. The system applies feature normalization and uses principal component analysis (PCA) to reduce dimensionality. A support vector machine (SVM) with a radial basis function kernel is then used to detect non-linear attack patterns. A web-based architecture enables real-time deployment via REST APIs, and extensive evaluations on the CICIDS 2017 and UNSW-NB15 datasets demonstrate high accuracy (up to 96.8%) and low-latency inference. Ablation studies confirm the importance of multimodal fusion, and benchmark tests validate scalability and system responsiveness. This work offers a deployable and efficient solution for real-time WAN security, with promising applications in energy systems, public infrastructure, and enterprise networks.
Source journal: Journal of Web Engineering (Engineering and Technology - Computer Science: Theory and Methods)
CiteScore: 1.80
Self-citation rate: 12.50%
Articles published: 62
Review time: 9 months
About the journal: The World Wide Web and its associated technologies have become a major implementation and delivery platform for a large variety of applications, ranging from simple institutional information Web sites to sophisticated supply-chain management systems, financial applications, e-government, distance learning, and entertainment, among others. Such applications, in addition to their intrinsic functionality, also exhibit the more complex behavior of distributed applications.