ENHANCING NETWORK SECURITY WITH ARTIFICIAL INTELLIGENCE-BASED TRAFFIC ANOMALY DETECTION IN BIG DATA SYSTEMS
Keywords:
Network Security, Traffic analysis, Anomaly Detection, attack, Big Data Systems, CICIDS 2017 dataset, LSTM
Abstract
In the intelligent operation and maintenance of data assets, threshold triggering for network anomaly detection is mainly based on a single parameter, which results in a high false positive rate and low efficiency. The proposed anomaly detection method is a machine learning approach for detecting network anomalies effectively. The main objective of this research is to discover security anomalies in networks by utilising ML and DL techniques. Several models, including LSTM, NB, and SVM, were trained and evaluated on the CICIDS2017 dataset, using accuracy, precision, recall, and F1-score as performance metrics. With an accuracy of 98.2%, a recall of 99%, and its F1-score, the LSTM model proved to be a reliable tool for anomaly detection in network security, and its results outperformed those of the other examined models. The study also notes potential shortcomings, including model overfitting and the fact that testing was not conducted in real time. Future work will involve preventing overfitting through regularisation, combining different architectures, and carrying out a real-life network test to verify that the model is suitable for real-life use.