Improving Data Generalization with Variational Autoencoders for Network Traffic Anomaly Detection

Thumbnail Image
Journal Title
Journal ISSN
Volume Title
A1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä
Degree programme
IEEE Access, Volume 9
Deep generative models have increasingly become popular in different domains such as image processing, though, they hardly appear in the cybersecurity arena. While the main application of these models is dimensionality reduction, marginally they have been utilized for overcoming challenges such as data generalization and overfitting issues inherited from feature selection methods. To solve the mentioned challenges, we propose a combined architecture comprising a Conditional Variational AutoEncoder (CVAE) and a Random Forest (RF) classifier to automatically learn similarity among input features, provide data distribution in order to extract discriminative features from original features, and finally classify various types of attacks. CVAE introduces the labels of traffic packets into a latent space in order to better learn the changes of input samples and distinguish the data characteristics of each class. It avoids the confusion between classes while learning the whole data distribution. Compared with feature selection mechanisms such as Support Vector Machine Online (SVMo) by considering various evaluation metrics, the proposed architecture demonstrates considerable improvement in terms of performance. To verify the versatility of the proposed architecture, two publicly available datasets have been used in experiments.
Publisher Copyright: CCBY Copyright: Copyright 2021 Elsevier B.V., All rights reserved.
Anomaly Detection, Anomaly detection, Classification algorithms, Data Mining, Feature extraction, Feature Selection, Machine Learning, Measurement, Random forests, Security, Telecommunication traffic, Vegetation
Other note
Monshizadeh, M, Khatri, V, Gamdou, M, Kantola, R & Yan, Z 2021, ' Improving Data Generalization with Variational Autoencoders for Network Traffic Anomaly Detection ', IEEE Access, vol. 9, 9399440, pp. 56893-56907 .