A Two-Stage Anomaly Detection Method Based on User Preference Features and the Deep Fusion Model-Reference-Cited by-同舟云学术

A Two-Stage Anomaly Detection Method Based on User Preference Features and the Deep Fusion Model

Published:2023-05-19 Issue:10 Volume:13 Page:6217
ISSN:2076-3417
Container-title:Applied Sciences
language:en
Short-container-title:Applied Sciences

Author:

Zhang Sen-Lei¹²,Zhang Bin¹²,Zhou Yi-Tao¹²,Guo Yue-Xuan¹²,Tan Jing-Lei¹²^ORCID

Affiliation:

1. SSF Information Engineering University, Zhengzhou 450001, China

2. Key Laboratory of Information Security, Zhengzhou 450001, China

Abstract

Rapid and accurate anomaly traffic detection is one of the most important research problems in cyberspace situational awareness. In order to improve the accuracy and efficiency of the detection, a two-stage anomaly detection method based on user preference features and a deep fusion model is proposed. First, a user-preference list of attack detection tasks is constructed based on the resilient distributed dataset. Following that, the detection tasks are divided into multiple stages according to the detection framework, which allows multiple worker hosts to work in parallel. Finally, a deep fusion classifier is trained using the features extracted from the input traffic data. Experimental results indicate that the proposed method achieves better detection accuracy compared to the existing typical methods. Furthermore, compared with stand-alone detection, the proposed method can effectively improve the time efficiencies of the model’s training and testing to a large extent. The ablation experiment justifies the use of the machine learning method.

Publisher

MDPI AG

Subject

Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science

Link

https://www.mdpi.com/2076-3417/13/10/6217/pdf

Reference19 articles.

1. Chacon, H., Silva, S., and Rad, P. (2019, January 4–6). Deep learning poison data attack detection. Proceedings of the 2019 IEEE 31st International Conference on Tools with Artificial Intelligence, Portland, OR, USA.

2. Automatically traceback RDP-based targeted ransomware attacks;Wang;Wire-Less Commun. Mob. Comput.,2018

3. Feature selection of denial-of-service attacks using entropy and granu-lar computing;Khan;Arab. J. Sci. Eng.,2018

4. Potluri, S., and Diedrich, C. (2016, January 6–9). Accelerated deep neural networks for enhanced intrusion detection system. Proceedings of the 2016 IEEE 21st Inter-National Conference on Emerging Technologies and Factory Automation (ETFA), Berlin, Germany.

5. Variational transformer-based anomaly detection approach for multivariate time series;Wang;Measurement,2022