IEEE Access (Jan 2019)
Analysis of Multi-Types of Flow Features Based on Hybrid Neural Network for Improving Network Anomaly Detection
Abstract
Security issues of large-scale local area network are becoming more prominent and the anomaly detection for the network traffic is the key means to solve this problem. On the other hand, it is a challenge to extract effective and accurate traffic features for anomaly detection. In order to resolve this challenge, multi-types of network flow features are designed and analyzed in the present study. These features include sequence packet features, general statistical features and environmental features, which can profile the characteristics of network flows accurately. Moreover, a method based on the hybrid neural network is proposed to detect anomaly by analyzing these features. One-dimensional convolutional network is implemented to analyze the sequence features in the hybrid neural network, while deep neural networks are utilized to learn the characteristics of high-dimension feature vectors including general statistical features and environmental features. The method can make comprehensive analysis for network anomaly detection. Two datasets of ISCX-IDS-2012 and CIC-IDS-2017 are carried out to evaluate the performance of the proposed method and other similar algorithms. The present study shows that the comprehensive performances of the proposed method are better than that for others algorithms. It is concluded that the proposed method can be applied for the anomaly detection applications with reasonable performance.
Keywords