Machine Learning Based Network Anomaly Detection
Mohammad Kazim Hooshmand¹, Doreswamy²
¹Mohammad Kazim, Computer Science, Mangalore University, Mangalore, Karnataka, India.
²Dr. Doreswamy, Computer Science, Mangalore University, Mangalore, Karnataka, India.
Manuscript received on November 15, 2019. | Revised Manuscript received on November 23, 2019. | Manuscript published on November 30, 2019. | PP: 542-548 | Volume-8 Issue-4, November 2019. | Retrieval Number: D7271118419/2019©BEIESP | DOI: 10.35940/ijrte.D7271.118419
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Network Anomaly Detection Systems (NADSs) play a prominent role in network security. Because malware in network traffic data changes dynamically, traditional tools and techniques are failing to protect networks from attack penetration. In this paper we propose a two-phase model to detect and categorize anomalies. First, we selected Random Forest (RF) because it achieved the highest accuracy score among eleven commonly used algorithms tested on the same set of data. The RF is used to detect anomalies and to generate an extra feature named “attack-or-not”. Second, we fed a Neural Network with the data containing the “attack-or-not” feature to differentiate attack categories, which helps in treating each type accordingly. The model performed well: it scored 0.99 for both Precision and Recall in the anomaly detection phase, and 0.93 for Precision and 0.88 for Recall in the attack categorization phase. We used the UNSW-NB15 data set in our study.
Keywords: Machine Learning, Neural Network, Cyber Security, Network Anomaly Detection and UNSW-NB15.
Scope of the Article: Machine Learning.