About: In the face of endless cyberattacks, many researchers have proposed machine learning-based network anomaly detection technologies. Traditional statistical features of network flows are manually extracted and rely heavily on expert knowledge, while classifiers based on statistical features have a high false-positive rate. The communications between different hosts forms graphs, which contain a large number of latent features. By combining statistical features with these latent features, we can train better machine learning classifiers. Therefore, we propose a novel network anomaly detection method that can use latent features in graphs and reduce the false positive rate of anomaly detection. We convert network traffic into first-order and second-order graph. The first-order graph learns the latent features from the perspective of a single host, and the second-order graph learns the latent features from a global perspective. This feature extraction process does not require manual participation or expert knowledge. We use these features to train machine learning algorithm classifiers for detecting network anomalies. We conducted experiments on two real-world datasets, and the results show that our approach allows for better learning of latent features and improved accuracy of anomaly detection. In addition, our method has the ability to detect unknown attacks.   Goto Sponge  NotDistinct  Permalink

An Entity of Type : fabio:Abstract, within Data Space : covidontheweb.inria.fr associated with source document(s)

AttributesValues
type
value
  • In the face of endless cyberattacks, many researchers have proposed machine learning-based network anomaly detection technologies. Traditional statistical features of network flows are manually extracted and rely heavily on expert knowledge, while classifiers based on statistical features have a high false-positive rate. The communications between different hosts forms graphs, which contain a large number of latent features. By combining statistical features with these latent features, we can train better machine learning classifiers. Therefore, we propose a novel network anomaly detection method that can use latent features in graphs and reduce the false positive rate of anomaly detection. We convert network traffic into first-order and second-order graph. The first-order graph learns the latent features from the perspective of a single host, and the second-order graph learns the latent features from a global perspective. This feature extraction process does not require manual participation or expert knowledge. We use these features to train machine learning algorithm classifiers for detecting network anomalies. We conducted experiments on two real-world datasets, and the results show that our approach allows for better learning of latent features and improved accuracy of anomaly detection. In addition, our method has the ability to detect unknown attacks.
Subject
  • Data mining
  • Machine learning
  • Data security
  • Social constructionism
  • Statistical outliers
  • Statistical classification
  • Attacks by method
part of
is abstract of
is hasSource of
Faceted Search & Find service v1.13.91 as of Mar 24 2020


Alternative Linked Data Documents: Sponger | ODE     Content Formats:       RDF       ODATA       Microdata      About   
This material is Open Knowledge   W3C Semantic Web Technology [RDF Data]
OpenLink Virtuoso version 07.20.3229 as of Jul 10 2020, on Linux (x86_64-pc-linux-gnu), Single-Server Edition (94 GB total memory)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2025 OpenLink Software