Evaluation of Multilayer Perceptron algorithms for an analysis of network flow data

Jędrzej Bieniasz , Mariusz Rawski , Krzysztof Skowron , Mateusz Trzepiński

Abstract

The volume of exchanged information through IP networks is the largest than ever and still grows up. It creates a space for both benign and malicious activities. The second ones rise awareness on security of network devices, as well as network infrastructure and a system as a whole. One of the basic tools to prevent cyber attacks is Network Instrusion Detection System (NIDS). NIDS could be realized as a signature-based detector or an anomaly-based one. In the last few years the emphasis has been placed on the latter type, because of the possibility of applying smart and intelligent solutions. An ideal NIDS of next generation should be composed of self-learning algorithms that could react on known and unknown malicious network activities respectively. In this paper we evaluated a machine learning approach for detection of anomalies in IP network data represented as NetFlow records. We considered Multilayer Perceptron (MLP) as the classifier and we used two types of learning algorithms – Backpropagation (BP) and Particle Swarm Optimization (PSO). This paper includes a comprehensive survey on determining the most optimal MLP learning algorithm for the classification problem in application to network flow data. The performance, training time and convergence of BP and PSO methods were compared. The results show that PSO algorithm implemented by the authors outperformed other solutions if accuracy of classifications is considered. The major disadvantage of PSO is training time, which could be not acceptable for larger data sets or in real network applications. At the end we compared some key findings with the results from the other papers to show that in all cases results from this study outperformed them.
Author Jędrzej Bieniasz IT
Jędrzej Bieniasz,,
- The Institute of Telecommunications
, Mariusz Rawski IT
Mariusz Rawski,,
- The Institute of Telecommunications
, Krzysztof Skowron IT
Krzysztof Skowron,,
- The Institute of Telecommunications
, Mateusz Trzepiński IT
Mateusz Trzepiński,,
- The Institute of Telecommunications
Pages100314G-1 - 100314G-13
Publication size in sheets0.3
Book Romaniuk Ryszard (eds.): Proc. SPIE. 10031, Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments 2016, vol. 10031, 2016, SPIE , ISBN 9781510604858, [781510604865 (electronic) ], 1170 p., DOI:10.1117/12.2257157
Keywords in EnglishNetwork Intrusion Detection Systems, Flow-based anomaly detection, NetFlow, Machine Learning, Neural Networks, Backpropagation, Particle Swarm Optimization
DOIDOI:10.1117/12.2248876
projectThe Develpment of Digital Communicatios. Project leader: Siuzdak Jerzy, , Phone: +48 22 234-7232, start date 27-04-2015, end date 31-12-2016, IT/2015/statut, Completed
WEiTI Działalność statutowa
Languageen angielski
File
2016 Rawski Evaluation of Multilayer Perceptron algorithms.pdf 391.96 KB
Score (nominal)15
ScoreMinisterial score = 15.0, 27-03-2017, BookChapterMatConf
Ministerial score (2013-2016) = 15.0, 27-03-2017, BookChapterMatConf
Citation count*0 (2018-06-17)
Cite
Share Share

Get link to the record
msginfo.png


* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.
Back