Network Anomaly Traffic Detection Algorithm Based on SVM

To guarantee a high level of network security and improve the user experience of the network, this paper proposes an effective network anomaly traffic detection algorithm. First, six types of network features are used in our work: 1) number of source IP addresses, 2) number of source port numbers, 3) number of destination IP addresses, 4) number of destination port numbers, 5) number of packet types, and 6) number of distinct packets with the same packet size. We then discuss how to generate the normalized entropy of these features, which is what the anomaly traffic detection operates on. Second, we convert the network traffic anomaly detection problem into a classification problem and propose a hybrid PSO-SVM model to solve it. Finally, experimental results demonstrate that the proposed method can detect different network traffic anomaly behaviors with high accuracy.
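The feature-extraction step described above, as an added example that is not the paper's code: each time window of packets is reduced to six normalized entropies, giving the vector a classifier such as an SVM would be trained on. Assumptions: the field names, the normalization by log(n) with n the number of packets in the window (the abstract does not give the paper's formula), and both sample windows, which are constructed.

```python
import math
from collections import Counter

# Hypothetical field names for the six features listed in the abstract.
FIELDS = ("src_ip", "src_port", "dst_ip", "dst_port", "ptype", "size")

def normalized_entropy(values):
    """Shannon entropy of the observed values, scaled to [0, 1].

    Assumption: normalized by log(n), n = packets in the window, so 0 means
    every packet shares one value and 1 means every packet has its own.
    """
    n = len(values)
    if n < 2:
        return 0.0
    h = -sum((c / n) * math.log(c / n) for c in Counter(values).values())
    return max(0.0, h / math.log(n))  # max() avoids returning -0.0

def feature_vector(window):
    """Map one time window of packets (dicts) to six normalized entropies."""
    return [normalized_entropy([pkt[f] for pkt in window]) for f in FIELDS]

def make_window(rows):
    """Turn tuples in FIELDS order into packet dicts."""
    return [dict(zip(FIELDS, row)) for row in rows]

# Constructed window: several clients talking to two servers.
NORMAL = make_window([
    ("192.0.2.21", 51512, "203.0.113.5", 443, "TCP", 1500),
    ("192.0.2.22", 51890, "203.0.113.5", 443, "TCP", 1500),
    ("192.0.2.23", 49720, "203.0.113.9", 80, "TCP", 640),
    ("192.0.2.21", 51512, "203.0.113.5", 443, "TCP", 60),
    ("192.0.2.24", 53011, "203.0.113.9", 53, "UDP", 80),
    ("192.0.2.22", 51890, "203.0.113.5", 443, "TCP", 1500),
    ("192.0.2.25", 50233, "203.0.113.5", 443, "TCP", 1500),
    ("192.0.2.23", 49720, "203.0.113.9", 80, "TCP", 60),
])

# Constructed window: one source probing eight ports on one host.
SCAN = make_window([
    ("198.51.100.7", 40000, "192.0.2.10", port, "TCP", 60)
    for port in range(20, 28)
])

if __name__ == "__main__":
    for name, window in (("normal", NORMAL), ("scan", SCAN)):
        print(name, [round(x, 3) for x in feature_vector(window)])
```

In the scan window the destination-port entropy rises to its maximum while the other five collapse to zero; it is this joint pattern across the six features, not any single value, that separates the two windows.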
