A Semi-Supervised Anomaly Network Traffic Detection Framework via Multimodal Traffic Information Fusion
Authors: 
Yu Zheng, Xinglin Lian, Zhangxuan Dang, Chunlei Peng, Chao Yang, Jianfeng MaAuthors Info & Claims
Yu Zheng, Xinglin Lian, Zhangxuan Dang, Chunlei Peng, Chao Yang, Jianfeng MaAuthors Info & ClaimsPages 4455 - 4459
Abstract
Anomaly traffic detection is a crucial issue in the cyber-security field. Previously, many researchers regarded anomaly traffic detection as a supervised classification problem. However, in real scenarios, anomaly network traffic is unpredictable, dynamically changing and difficult to collect. To address these limitations, we employ anomaly detection setting to propose a novel semi-supervised anomaly network traffic detection framework. It only learns features of normal samples during the training phase. Our framework utilizes low-pass filtering to extract multi-scale low-frequency information from 2-D traffic image. Furthermore, we design a two-stage fusion scheme to incorporate information from original and multi-scale low-frequency traffic image modalities. We conduct experiments on two public datasets: ISCX Tor-nonTor and USTC-TFC2016. The experimental results show that our method outperforms current state-of-the-art anomaly detection methods.
References
[1]
Nilesh A Ahuja, Ibrahima Ndiour, Trushant Kalyanpur, and Omesh Tickoo. 2019. Probabilistic modeling of deep features for out-of-distribution and adversarial detection. arXiv preprint arXiv:1909.11786 (2019).
[2]
Samet Akcay, Dick Ameln, Ashwin Vaidya, Barath Lakshmanan, Nilesh Ahuja, and Utku Genc. 2022. Anomalib: A Deep Learning Library for Anomaly Detection. arXiv:2202.08341 [cs.CV]
[3]
Samet Akcay, Amir Atapour-Abarghouei, and Toby P Breckon. 2019. Ganomaly: Semi-supervised anomaly detection via adversarial training. In ACCV. 622--637.
[4]
Alberto Dainotti, Antonio Pescape, and Kimberly C Claffy. 2012. Issues and future directions in traffic classification. IEEE network 26, 1 (2012), 35--40.
[5]
Thomas Defard, Aleksandr Setkov, Angelique Loesch, and Romaric Audigier. 2021. Padim: a patch distribution modeling framework for anomaly detection and localization. In ICPR Workshops. 475--489.
[6]
Hanqiu Deng and Xingyu Li. 2022. Anomaly detection via reverse distillation from one-class embedding. In CVPR. 9737-- 9746.
[7]
Ziye Deng, Guoqing Qian, Zhouguo Chen, and Hong Su. 2017. Identifying Tor Anonymous Traffic Based on Gravitational Clustering Analysis. In 2017 9th International Conference on Intelligent Human-Machine Systems and Cybernetics (IHMSC), Vol. 2. 79--83. https://doi.org/10.1109/IHMSC.2017.133
[8]
Denis Gudovskiy, Shun Ishizaka, and Kazuki Kozuka. 2022. Cflow-ad: Real-time unsupervised anomaly detection with localization via conditional normalizing flows. In WACV. 98-- 107.
[9]
Jin Huang and Charles X Ling. 2005. Using AUC and accuracy in evaluating learning algorithms. IEEE Transactions on knowledge and Data Engineering 17, 3 (2005), 299--310.
[10]
Ahmad Javaid, Quamar Niyaz, Weiqing Sun, and Mansoor Alam. 2016. A deep learning approach for network intrusion detection system. In BICT. 21--26.
[11]
Arash Habibi Lashkari, Gerard Draper-Gil, Mohammad Saiful Islam Mamun, Ali A Ghorbani, et al. 2017. Characterization of tor traffic using time based features. In ICISSp. 253--262.
[12]
Yanmiao Li, Yingying Xu, Zhi Liu, Haixia Hou, Yushuo Zheng, Yang Xin, Yuefeng Zhao, and Lizhen Cui. 2020. Robust detection for network intrusion of industrial IoT based on multi- CNN fusion. Measurement 154 (2020), 107450.
[13]
Mohammad Lotfollahi, Mahdi Jafari Siavoshani, Ramin Shirali Hossein Zade, and Mohammdsadegh Saberian. 2020. Deep packet: A novel approach for encrypted traffic classification using deep learning. Soft Computing 24, 3 (2020), 1999--2012.
[14]
Diganta Misra, Trikay Nalamada, Ajay Uppili Arasanipalai, and Qibin Hou. 2021. Rotate to attend: Convolutional triplet attention module. In WACV. 3139--3148.
[15]
Fannia Pacheco, Ernesto Exposito, Mathieu Gineste, Cedric Baudoin, and Jose Aguilar. 2018. Towards the deployment of machine learning solutions in network traffic classification: A systematic survey. IEEE Communications Surveys & Tutorials 21, 2 (2018), 1988--2014.
[16]
Ferry Astika Saputra, Isbat Uzzin Nadhori, and Balighani Fathul Barry. 2016. Detecting and blocking onion router traffic using deep packet inspection. In 2016 International Electronics Symposium (IES). 283--288. https://doi.org/10.1109/ELECSYM.2016.7861018
[17]
Zhenping Shi, Jie Li, Chentao Wu, and Jinyuan Li. 2019. Deep- Window: An efficient method for online network traffic anomaly detection. In HPCC. 2403--2408.
[18]
GuodongWang, Shumin Han, Errui Ding, and Di Huang. 2021. Student-teacher feature pyramid matching for anomaly detection. arXiv preprint arXiv:2103.04257 (2021).
[19]
Wei Wang, Yiqiang Sheng, Jinlin Wang, Xuewen Zeng, Xiaozhou Ye, Yongzhong Huang, and Ming Zhu. 2017. HASTIDS: Learning hierarchical spatial-temporal features using deep neural networks to improve intrusion detection. IEEE access 6 (2017), 1792--1806.
[20]
WeiWang, Ming Zhu, Xuewen Zeng, Xiaozhou Ye, and Yiqiang Sheng. 2017. Malware traffic classification using convolutional neural network for representation learning. In ICOIN. 712-- 717.
[21]
Sanghyun Woo, Jongchan Park, Joon-Young Lee, and In So Kweon. 2018. Cbam: Convolutional block attention module. In ECCV. 3--19.
[22]
Yingfei Xu, Yong Tang, and Qiang Yang. 2020. Deep learning for IoT intrusion detection based on LSTMs-AE. In AIAM. 64-- 68.
[23]
Yibo Xue, Dawei Wang, and Luoshi Zhang. 2013. Traffic classification: Issues and challenges. In ICNC. 545--549.
[24]
Jie Yang, Ruijie Xu, Zhiquan Qi, and Yong Shi. 2021. Visual anomaly detection for images: A survey. arXiv preprint arXiv:2109.13157 (2021).
[25]
Jiawei Yu, Ye Zheng, Xiang Wang, Wei Li, Yushuang Wu, Rui Zhao, and Liwei Wu. 2021. Fastflow: Unsupervised anomaly detection and localization via 2d normalizing flows. arXiv preprint arXiv:2111.07677 (2021).
[26]
Vitjan Zavrtanik, Matej Kristan, and Danijel Sko?aj. 2021. Draem-a discriminatively trained reconstruction embedding for surface anomaly detection. In ICCV. 8330--8339.
[27]
Houssam Zenati, Manon Romain, Chuan-Sheng Foo, Bruno Lecouat, and Vijay Chandrasekhar. 2018. Adversarially learned anomaly detection. In ICDM. 727--736.
Index Terms
- A Semi-Supervised Anomaly Network Traffic Detection Framework via Multimodal Traffic Information Fusion
Recommendations
Incorporating Network Structure with Node Information for Semi-supervised Anomaly Detection on Attributed Graphs
Web Information Systems Engineering – WISE 2021AbstractAnomaly detection on attributed graphs has attracted lots of research attention recently. A great deal of existing work focuses on unsupervised anomaly detection. However, in practical applications, we can obtain some labeled instances by experts, ...
RETRACTED: Personalized federated learning framework for network traffic anomaly detection
This article has been retracted: please see Elsevier Policy on Article Withdrawal ().
This article has been retracted at the request of the Authors.
The outcomes of the experiments were obtained with a single ...
Network Anomaly Detection Based on Traffic Prediction
SCALCOM-EMBEDDEDCOM '09: Proceedings of the 2009 International Conference on Scalable Computing and Communications; Eighth International Conference on Embedded ComputingAs the development of Internet, it is more and more difficult to detect anomaly promptly and precisely. In this paper, we proposed an anomaly detection algorithm based on the predicting of multi-level wavelet detail signals synchronously. Firstly, ...
Comments
Information & Contributors
Information
Published In
October 2023
5508 pages
ISBN:9798400701245
DOI:10.1145/3583780
- General Chairs:
- Ingo Frommholz,
- Frank Hopfgartner,
- Mark Lee,
- Michael Oakes,
- Program Chairs:
- Mounia Lalmas,
- Min Zhang,
- Rodrygo Santos
Copyright © 2023 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 21 October 2023
Check for updates
Author Tags
Qualifiers
- Short-paper
Conference
CIKM '23: The 32nd ACM International Conference on Information and Knowledge Management
October 21 - 25, 2023
Birmingham, United Kingdom
Acceptance Rates
Overall Acceptance Rate 1,861 of 8,427 submissions, 22%
Upcoming Conference
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 230Total Downloads
- Downloads (Last 12 months)201
- Downloads (Last 6 weeks)12
Reflects downloads up to 09 Nov 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in