IEEE Access (Jan 2024)
An Adaptive Policy-Based Anomaly Object Control System for Enhanced Cybersecurity
Abstract
Anomaly detection research focuses on identifying rare patterns derived from daily occurrences. This study introduces an innovative anomaly–object control system that utilizes adaptive policies through anomaly detection algorithms. Effectively blocking anomalous objects in real–world scenarios poses significant challenges. Therefore, we empirically validate the proposed anomaly object control methodology using the traffic history associated with malicious cyber–attacks in vulnerable network environments. We propose an anomaly object control methodology based on DeepSARSA that utilizes unsupervised anomaly detection deep learning models trained on historical data collected from an environment in which the anomaly object control system operates. Through this approach, we confirmed the adaptive policies for optimal anomaly object control. By employing the out–of–distribution detection and DeepSVDD algorithms as reward functions and comparing the results, we verified the stability of the proposed anomaly object control system. Our experimental results highlight the practical limitations of single–class anomaly detection algorithms and propose new research directions for anomaly detection.
Keywords