Multi-Resolution Analysis with Visualization to Determine Network Attack Patterns

Analyzing network traffic activity is essential in network security for detecting attack patterns. Because network traffic events are complex, driven by continuously changing computing environments and software applications, identifying these patterns is a challenging research topic. This study analyzes the effectiveness of integrating Multi-Resolution Analysis (MRA) and visualization in identifying the attack patterns of network traffic activities. Specifically, a Discrete Wavelet Transform (DWT) is used to extract features from network traffic data, and the capability of those features to identify attacks is investigated. For feature extraction, various sliding window and step sizes are tested. Visualizations are then generated to help users conduct interactive visual analyses to identify abnormal network traffic events. To determine optimal solutions for generating visualizations, an extensive evaluation with multiple intrusion detection datasets was performed. In addition, classification analysis with three different classification algorithms was conducted to understand the effectiveness of using MRA with visualization. From the study, we generated multiple visualizations associated with various window and step sizes to emphasize the effectiveness of the proposed approach in differentiating normal and attack events by forming distinctive clusters. We also found that utilizing MRA with visualization advances network intrusion detection by generating clearly separated visual clusters.
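The sliding-window DWT feature extraction described in the abstract can be sketched as follows. This is an added example, not code from the paper: the Haar wavelet, the per-band energy feature, the median-based flagging rule (a stand-in for the visual and classifier analysis) and the constructed packets-per-second series are all assumptions.

```python
import math

def haar_dwt(signal, levels):
    """Multi-level Haar DWT: returns [detail_1, ..., detail_L, approx_L]."""
    approx, bands = list(signal), []
    for _ in range(levels):
        pairs = list(zip(approx[0::2], approx[1::2]))
        bands.append([(a - b) / math.sqrt(2) for a, b in pairs])  # detail band
        approx = [(a + b) / math.sqrt(2) for a, b in pairs]       # coarser view
    bands.append(approx)
    return bands

def window_features(series, window, step, levels):
    """Slide a window over the series; emit one energy value per wavelet band."""
    if window % (1 << levels):
        raise ValueError("window must be divisible by 2**levels")
    feats = []
    for start in range(0, len(series) - window + 1, step):
        bands = haar_dwt(series[start:start + window], levels)
        feats.append((start, [sum(c * c for c in band) for band in bands]))
    return feats

def flag_windows(feats, factor=5.0):
    """Flag windows whose total detail energy exceeds factor x the median (assumed rule)."""
    detail = [sum(energies[:-1]) for _, energies in feats]
    median = sorted(detail)[len(detail) // 2]
    return [s for (s, _), d in zip(feats, detail) if d > factor * max(median, 1e-9)]

# Constructed sample: packets per second, steady baseline with a burst at t = 40..47
TRAFFIC = [100 + (i % 4) for i in range(64)]
for t in range(40, 48):
    if t % 2 == 0:
        TRAFFIC[t] += 900

if __name__ == "__main__":
    for start, energies in window_features(TRAFFIC, window=16, step=8, levels=3):
        print(start, [round(e, 1) for e in energies])
```

Changing `window` and `step` changes how many windows overlap the burst, which is the trade-off the study evaluates when it tests multiple window and step sizes.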
