28 September 2016 Evaluation of multilayer perceptron algorithms for an analysis of network flow data
Author Affiliations +
Proceedings Volume 10031, Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments 2016; 100314G (2016) https://doi.org/10.1117/12.2248876
Event: Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments 2016, 2016, Wilga, Poland
Abstract
The volume of exchanged information through IP networks is larger than ever and still growing. It creates a space for both benign and malicious activities. The second one raises awareness on security network devices, as well as network infrastructure and a system as a whole. One of the basic tools to prevent cyber attacks is Network Instrusion Detection System (NIDS). NIDS could be realized as a signature-based detector or an anomaly-based one. In the last few years the emphasis has been placed on the latter type, because of the possibility of applying smart and intelligent solutions. An ideal NIDS of next generation should be composed of self-learning algorithms that could react on known and unknown malicious network activities respectively. In this paper we evaluated a machine learning approach for detection of anomalies in IP network data represented as NetFlow records. We considered Multilayer Perceptron (MLP) as the classifier and we used two types of learning algorithms – Backpropagation (BP) and Particle Swarm Optimization (PSO). This paper includes a comprehensive survey on determining the most optimal MLP learning algorithm for the classification problem in application to network flow data. The performance, training time and convergence of BP and PSO methods were compared. The results show that PSO algorithm implemented by the authors outperformed other solutions if accuracy of classifications is considered. The major disadvantage of PSO is training time, which could be not acceptable for larger data sets or in real network applications. At the end we compared some key findings with the results from the other papers to show that in all cases results from this study outperformed them.
© (2016) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Jędrzej Bieniasz, Jędrzej Bieniasz, Mariusz Rawski, Mariusz Rawski, Krzysztof Skowron, Krzysztof Skowron, Mateusz Trzepiński, Mateusz Trzepiński, } "Evaluation of multilayer perceptron algorithms for an analysis of network flow data", Proc. SPIE 10031, Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments 2016, 100314G (28 September 2016); doi: 10.1117/12.2248876; https://doi.org/10.1117/12.2248876
PROCEEDINGS
13 PAGES


SHARE
Back to Top