Detection of Attacks in Network Traffic with the Autoencoder-Based Unsupervised Learning Method
The effects of attacks on network systems and the extent of damages caused by them tend to increase every day. Solutions based on machine learning algorithms have started to be developed in order to develop appropriate defense systems by detecting attacks in a timely and effective manner. This study...
Saved in:
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Istanbul University Press
2022-12-01
|
| Series: | Acta Infologica |
| Subjects: | |
| Online Access: | https://cdn.istanbul.edu.tr/file/JTA6CLJ8T5/666A55C72A5043F2938BF750B5430214 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850195162129498112 |
|---|---|
| author | Yalçın Özkan |
| author_facet | Yalçın Özkan |
| author_sort | Yalçın Özkan |
| collection | DOAJ |
| description | The effects of attacks on network systems and the extent of damages caused by them tend to increase every day. Solutions based on machine learning algorithms have started to be developed in order to develop appropriate defense systems by detecting attacks in a timely and effective manner. This study focuses on detecting abnormal traffic on networks through deep learning algorithms, and a deep autoencoder model architecture that can be used to detect attacks is recommended. To this end, an autoencoder model is first obtained by training the normal dataset without class labels in an unsupervised manner with an autoencoder, and a threshold value is obtained by running this model with small size test data with normal attack observations. The threshold value is calculated as a value that will optimize the model performance. It is observed that supervised learning methods lead to difficulties and cost increases in the detection of cyber-attacks and the labeling process. The threshold value is calculated using only small test data without resorting to labeling in order to overcome these costs and save time, and the incoming up-to-date network traffic information is classified based on this threshold value. |
| format | Article |
| id | doaj-art-366d56ec00174056a2b4b2abadff8410 |
| institution | OA Journals |
| issn | 2602-3563 |
| language | English |
| publishDate | 2022-12-01 |
| publisher | Istanbul University Press |
| record_format | Article |
| series | Acta Infologica |
| spelling | doaj-art-366d56ec00174056a2b4b2abadff84102025-08-20T02:13:49ZengIstanbul University PressActa Infologica2602-35632022-12-016219920710.26650/acin.1142806123456Detection of Attacks in Network Traffic with the Autoencoder-Based Unsupervised Learning MethodYalçın Özkan0https://orcid.org/0000-0002-3551-7021İstinye Üniversitesi, Istanbul, TurkiyeThe effects of attacks on network systems and the extent of damages caused by them tend to increase every day. Solutions based on machine learning algorithms have started to be developed in order to develop appropriate defense systems by detecting attacks in a timely and effective manner. This study focuses on detecting abnormal traffic on networks through deep learning algorithms, and a deep autoencoder model architecture that can be used to detect attacks is recommended. To this end, an autoencoder model is first obtained by training the normal dataset without class labels in an unsupervised manner with an autoencoder, and a threshold value is obtained by running this model with small size test data with normal attack observations. The threshold value is calculated as a value that will optimize the model performance. It is observed that supervised learning methods lead to difficulties and cost increases in the detection of cyber-attacks and the labeling process. The threshold value is calculated using only small test data without resorting to labeling in order to overcome these costs and save time, and the incoming up-to-date network traffic information is classified based on this threshold value.https://cdn.istanbul.edu.tr/file/JTA6CLJ8T5/666A55C72A5043F2938BF750B5430214deep learningautoencodersunsupervised learning |
| spellingShingle | Yalçın Özkan Detection of Attacks in Network Traffic with the Autoencoder-Based Unsupervised Learning Method Acta Infologica deep learning autoencoders unsupervised learning |
| title | Detection of Attacks in Network Traffic with the Autoencoder-Based Unsupervised Learning Method |
| title_full | Detection of Attacks in Network Traffic with the Autoencoder-Based Unsupervised Learning Method |
| title_fullStr | Detection of Attacks in Network Traffic with the Autoencoder-Based Unsupervised Learning Method |
| title_full_unstemmed | Detection of Attacks in Network Traffic with the Autoencoder-Based Unsupervised Learning Method |
| title_short | Detection of Attacks in Network Traffic with the Autoencoder-Based Unsupervised Learning Method |
| title_sort | detection of attacks in network traffic with the autoencoder based unsupervised learning method |
| topic | deep learning autoencoders unsupervised learning |
| url | https://cdn.istanbul.edu.tr/file/JTA6CLJ8T5/666A55C72A5043F2938BF750B5430214 |
| work_keys_str_mv | AT yalcınozkan detectionofattacksinnetworktrafficwiththeautoencoderbasedunsupervisedlearningmethod |