Convolutional Neural Network and Deep One-Class Support Vector Machine with Imbalanced Dataset for Anomaly Network Traffic Detection

Kwok Tai Chui; Brij B. Gupta; Hao Ran Chi; Mingbo Zhao

doi:10.1007/978-3-031-22018-0_23

Convolutional Neural Network and Deep One-Class Support Vector Machine with Imbalanced Dataset for Anomaly Network Traffic Detection

Kwok Tai Chui, Brij B. Gupta, Hao Ran Chi, Mingbo Zhao

Electronic Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Citations (Scopus)

Abstract

Anomaly detection of network traffic is important for real-time network monitoring and management. The research challenges for anomaly network traffic detection (ANTD) are attributable to the nature of highly imbalanced dataset of abnormal samples and poor generalization. Generating additional training data or undersampling does not perform well with highly imbalanced dataset. The drives to the common formulation of ANTD as an one-class classification problem. Convolution neural network is utilized for feature extraction. This is followed by a deep one-class support vector machine classifier with customized kernel via multiple kernel learning to address the issue of generalization and overfitting. The deep architecture leverages the performance of traditional support vector machine to a large extent. Performance evaluation reveals that the proposed algorithm achieves accuracy of 97.5%. Ablation studies show that our algorithm enhances the accuracy by 2.52–15.2%. Compared with existing work, our algorithm enhances the accuracy by 3.07%. Several future research directions are discussed for further exploration and analysis.

Original language	English
Title of host publication	International Conference on Cyber Security, Privacy and Networking, ICSPN 2022
Editors	Nadia Nedjah, Gregorio Martínez Pérez, B.B. Gupta
Pages	248-256
Number of pages	9
DOIs	https://doi.org/10.1007/978-3-031-22018-0_23
Publication status	Published - 2023
Event	International Conference on Cyber Security, Privacy and Networking, ICSPN 2022 - Virtual, Online Duration: 9 Sept 2021 → 11 Sept 2021

Publication series

Name	Lecture Notes in Networks and Systems
Volume	599 LNNS
ISSN (Print)	2367-3370
ISSN (Electronic)	2367-3389

Conference

Conference	International Conference on Cyber Security, Privacy and Networking, ICSPN 2022
City	Virtual, Online
Period	9/09/21 → 11/09/21

Keywords

Anomaly detection
Convolutional neural network
Deep support vector machine
Imbalanced dataset
Network traffic
One-class classification

Access to Document

10.1007/978-3-031-22018-0_23

Cite this

Chui, K. T., Gupta, B. B., Chi, H. R., & Zhao, M. (2023). Convolutional Neural Network and Deep One-Class Support Vector Machine with Imbalanced Dataset for Anomaly Network Traffic Detection. In N. Nedjah, G. Martínez Pérez, & B. B. Gupta (Eds.), International Conference on Cyber Security, Privacy and Networking, ICSPN 2022 (pp. 248-256). (Lecture Notes in Networks and Systems; Vol. 599 LNNS). https://doi.org/10.1007/978-3-031-22018-0_23

Chui, Kwok Tai ; Gupta, Brij B. ; Chi, Hao Ran et al. / Convolutional Neural Network and Deep One-Class Support Vector Machine with Imbalanced Dataset for Anomaly Network Traffic Detection. International Conference on Cyber Security, Privacy and Networking, ICSPN 2022. editor / Nadia Nedjah ; Gregorio Martínez Pérez ; B.B. Gupta. 2023. pp. 248-256 (Lecture Notes in Networks and Systems).

@inproceedings{cfee6ca11e1b47d994a27f27ca576331,

title = "Convolutional Neural Network and Deep One-Class Support Vector Machine with Imbalanced Dataset for Anomaly Network Traffic Detection",

abstract = "Anomaly detection of network traffic is important for real-time network monitoring and management. The research challenges for anomaly network traffic detection (ANTD) are attributable to the nature of highly imbalanced dataset of abnormal samples and poor generalization. Generating additional training data or undersampling does not perform well with highly imbalanced dataset. The drives to the common formulation of ANTD as an one-class classification problem. Convolution neural network is utilized for feature extraction. This is followed by a deep one-class support vector machine classifier with customized kernel via multiple kernel learning to address the issue of generalization and overfitting. The deep architecture leverages the performance of traditional support vector machine to a large extent. Performance evaluation reveals that the proposed algorithm achieves accuracy of 97.5%. Ablation studies show that our algorithm enhances the accuracy by 2.52–15.2%. Compared with existing work, our algorithm enhances the accuracy by 3.07%. Several future research directions are discussed for further exploration and analysis.",

keywords = "Anomaly detection, Convolutional neural network, Deep support vector machine, Imbalanced dataset, Network traffic, One-class classification",

author = "Chui, {Kwok Tai} and Gupta, {Brij B.} and Chi, {Hao Ran} and Mingbo Zhao",

note = "Publisher Copyright: {\textcopyright} 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.; International Conference on Cyber Security, Privacy and Networking, ICSPN 2022 ; Conference date: 09-09-2021 Through 11-09-2021",

year = "2023",

doi = "10.1007/978-3-031-22018-0_23",

language = "English",

isbn = "9783031220173",

series = "Lecture Notes in Networks and Systems",

pages = "248--256",

editor = "Nadia Nedjah and {Mart{\'i}nez P{\'e}rez}, Gregorio and B.B. Gupta",

booktitle = "International Conference on Cyber Security, Privacy and Networking, ICSPN 2022",

}

Chui, KT, Gupta, BB, Chi, HR & Zhao, M 2023, Convolutional Neural Network and Deep One-Class Support Vector Machine with Imbalanced Dataset for Anomaly Network Traffic Detection. in N Nedjah, G Martínez Pérez & BB Gupta (eds), International Conference on Cyber Security, Privacy and Networking, ICSPN 2022. Lecture Notes in Networks and Systems, vol. 599 LNNS, pp. 248-256, International Conference on Cyber Security, Privacy and Networking, ICSPN 2022, Virtual, Online, 9/09/21. https://doi.org/10.1007/978-3-031-22018-0_23

Convolutional Neural Network and Deep One-Class Support Vector Machine with Imbalanced Dataset for Anomaly Network Traffic Detection. / Chui, Kwok Tai; Gupta, Brij B.; Chi, Hao Ran et al.
International Conference on Cyber Security, Privacy and Networking, ICSPN 2022. ed. / Nadia Nedjah; Gregorio Martínez Pérez; B.B. Gupta. 2023. p. 248-256 (Lecture Notes in Networks and Systems; Vol. 599 LNNS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Convolutional Neural Network and Deep One-Class Support Vector Machine with Imbalanced Dataset for Anomaly Network Traffic Detection

AU - Chui, Kwok Tai

AU - Gupta, Brij B.

AU - Chi, Hao Ran

AU - Zhao, Mingbo

PY - 2023

Y1 - 2023

N2 - Anomaly detection of network traffic is important for real-time network monitoring and management. The research challenges for anomaly network traffic detection (ANTD) are attributable to the nature of highly imbalanced dataset of abnormal samples and poor generalization. Generating additional training data or undersampling does not perform well with highly imbalanced dataset. The drives to the common formulation of ANTD as an one-class classification problem. Convolution neural network is utilized for feature extraction. This is followed by a deep one-class support vector machine classifier with customized kernel via multiple kernel learning to address the issue of generalization and overfitting. The deep architecture leverages the performance of traditional support vector machine to a large extent. Performance evaluation reveals that the proposed algorithm achieves accuracy of 97.5%. Ablation studies show that our algorithm enhances the accuracy by 2.52–15.2%. Compared with existing work, our algorithm enhances the accuracy by 3.07%. Several future research directions are discussed for further exploration and analysis.

AB - Anomaly detection of network traffic is important for real-time network monitoring and management. The research challenges for anomaly network traffic detection (ANTD) are attributable to the nature of highly imbalanced dataset of abnormal samples and poor generalization. Generating additional training data or undersampling does not perform well with highly imbalanced dataset. The drives to the common formulation of ANTD as an one-class classification problem. Convolution neural network is utilized for feature extraction. This is followed by a deep one-class support vector machine classifier with customized kernel via multiple kernel learning to address the issue of generalization and overfitting. The deep architecture leverages the performance of traditional support vector machine to a large extent. Performance evaluation reveals that the proposed algorithm achieves accuracy of 97.5%. Ablation studies show that our algorithm enhances the accuracy by 2.52–15.2%. Compared with existing work, our algorithm enhances the accuracy by 3.07%. Several future research directions are discussed for further exploration and analysis.

KW - Anomaly detection

KW - Convolutional neural network

KW - Deep support vector machine

KW - Imbalanced dataset

KW - Network traffic

KW - One-class classification

UR - http://www.scopus.com/inward/record.url?scp=85149681377&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-22018-0_23

DO - 10.1007/978-3-031-22018-0_23

M3 - Conference contribution

AN - SCOPUS:85149681377

SN - 9783031220173

T3 - Lecture Notes in Networks and Systems

SP - 248

EP - 256

BT - International Conference on Cyber Security, Privacy and Networking, ICSPN 2022

A2 - Nedjah, Nadia

A2 - Martínez Pérez, Gregorio

A2 - Gupta, B.B.

T2 - International Conference on Cyber Security, Privacy and Networking, ICSPN 2022

Y2 - 9 September 2021 through 11 September 2021

ER -

Chui KT, Gupta BB, Chi HR, Zhao M. Convolutional Neural Network and Deep One-Class Support Vector Machine with Imbalanced Dataset for Anomaly Network Traffic Detection. In Nedjah N, Martínez Pérez G, Gupta BB, editors, International Conference on Cyber Security, Privacy and Networking, ICSPN 2022. 2023. p. 248-256. (Lecture Notes in Networks and Systems). doi: 10.1007/978-3-031-22018-0_23

Convolutional Neural Network and Deep One-Class Support Vector Machine with Imbalanced Dataset for Anomaly Network Traffic Detection

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this