A DOUBLE-SHRINK AUTOENCODER FOR NETWORK ANOMALY DETECTION

Journal of Computer Science and Cybernetics Pub Date : 2020-05-11 DOI:10.15625/1813-9663/36/2/14578

Cong Thanh Bui, Loi Cao Van, Minh Hoang, Quang Uy Nguyen

{"title":"A DOUBLE-SHRINK AUTOENCODER FOR NETWORK ANOMALY DETECTION","authors":"Cong Thanh Bui, Loi Cao Van, Minh Hoang, Quang Uy Nguyen","doi":"10.15625/1813-9663/36/2/14578","DOIUrl":null,"url":null,"abstract":"The rapid development of the Internet and the wide spread of its applications has affected many aspects of our life. However, this development also makes the cyberspace more vulnerable to various attacks. Thus, detecting and preventing these attacks are crucial for the next development of the Internet and its services. Recently, machine learning methods have been widely adopted in detecting network attacks. Among many machine learning methods, AutoEncoders (AEs) are known as the state-of-the-art techniques for network anomaly detection. Although, AEs have been successfully applied to detect many types of attacks, it is often unable to detect some difficult attacks that attempt to mimic the normal network traffic. In order to handle this issue, we propose a new model based on AutoEncoder called Double-Shrink AutoEncoder (DSAE). DSAE put more shrinkage on the normal data in the middle hidden layer. This helps to pull out some anomalies that are very similar to normal data. DSAE are evaluated on six well-known network attacks datasets. The experimental results show that our model performs competitively to the state-of-the-art model, and often out-performs this model on the attacks group that is difficult for the previous methods.","PeriodicalId":15444,"journal":{"name":"Journal of Computer Science and Cybernetics","volume":"1 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2020-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Computer Science and Cybernetics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.15625/1813-9663/36/2/14578","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

The rapid development of the Internet and the wide spread of its applications has affected many aspects of our life. However, this development also makes the cyberspace more vulnerable to various attacks. Thus, detecting and preventing these attacks are crucial for the next development of the Internet and its services. Recently, machine learning methods have been widely adopted in detecting network attacks. Among many machine learning methods, AutoEncoders (AEs) are known as the state-of-the-art techniques for network anomaly detection. Although, AEs have been successfully applied to detect many types of attacks, it is often unable to detect some difficult attacks that attempt to mimic the normal network traffic. In order to handle this issue, we propose a new model based on AutoEncoder called Double-Shrink AutoEncoder (DSAE). DSAE put more shrinkage on the normal data in the middle hidden layer. This helps to pull out some anomalies that are very similar to normal data. DSAE are evaluated on six well-known network attacks datasets. The experimental results show that our model performs competitively to the state-of-the-art model, and often out-performs this model on the attacks group that is difficult for the previous methods.

查看原文本刊更多论文

用于网络异常检测的双收缩自编码器

互联网的迅速发展及其应用的广泛传播影响了我们生活的许多方面。然而，这种发展也使网络空间更容易受到各种攻击。因此，检测和预防这些攻击对互联网及其服务的下一步发展至关重要。近年来，机器学习方法被广泛应用于网络攻击检测。在许多机器学习方法中，自动编码器(ae)被认为是网络异常检测的最先进技术。虽然AEs已经成功地应用于检测许多类型的攻击，但它通常无法检测一些试图模仿正常网络流量的困难攻击。为了解决这一问题，我们提出了一种基于自动编码器的新模型——双收缩自动编码器(Double-Shrink AutoEncoder, DSAE)。DSAE对中间隐藏层的正常数据进行了更大的收缩。这有助于提取出一些与正常数据非常相似的异常。在六个已知的网络攻击数据集上对DSAE进行了评估。实验结果表明，我们的模型与最先进的模型相比具有竞争力，并且在以前的方法难以对付的攻击组上往往优于该模型。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Computer Science and Cybernetics

自引率

0.00%

发文量