File(s) stored somewhere else

Please note: Linked content is NOT stored on CQUniversity and we can't guarantee its availability, quality, security or accept any liability.

Improving performance of autoencoder-based network anomaly detection on NSL-KDD dataset

journal contribution
posted on 23.11.2021, 23:10 by Wen Xu, Julian Jang-Jaccard, Amardeep Singh, Yuanyuan Wei, Fariza SabrinaFariza Sabrina
Network anomaly detection plays a crucial role as it provides an effective mechanism to block or stop cyberattacks. With the recent advancement of Artificial Intelligence (AI), there has been a number of Autoencoder (AE) based deep learning approaches for network anomaly detection to improve our posture towards network security. The performance of existing state-of-the-art AE models used for network anomaly detection varies without offering a holistic approach to understand the critical impacts of the core set of important performance indicators of AE models and the detection accuracy. In this study, we propose a novel 5-layer autoencoder (AE)-based model better suited for network anomaly detection tasks. Our proposal is based on the results we obtained through an extensive and rigorous investigation of several performance indicators involved in an AE model. In our proposed model, we use a new data pre-processing methodology that transforms and removes the most affected outliers from the input samples to reduce model bias caused by data imbalance across different data types in the feature set. Our proposed model utilizes the most effective reconstruction error function which plays an essential role for the model to decide whether a network traffic sample is normal or anomalous. These sets of innovative approaches and the optimal model architecture allow our model to be better equipped for feature learning and dimension reduction thus producing better detection accuracy as well as f1-score. We evaluated our proposed model on the NSL-KDD dataset which outperformed other similar methods by achieving the highest accuracy and f1-score at 90.61% and 92.26% respectively in detection.

History

Volume

9

Start Page

140136

End Page

140146

Number of Pages

11

eISSN

2169-3536

Publisher

IEEE

Additional Rights

CC BY 4.0

Peer Reviewed

Yes

Open Access

Yes

Acceptance Date

27/09/2021

External Author Affiliations

Massey University, NZ

Era Eligible

Yes

Journal

IEEE Access