Dimensionality Reduction for Network Anomalies Detection: A Deep Learning Approach

  • Ahmed DawoudEmail author
  • Seyed Shahristani
  • Chun Raun
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 927)


Cyber threats are a severed challenge in current communications networks. Several security measures were introduced to at different network layers to enhance security. One of the common networking security solutions is intrusion detection and prevention systems, with more focus on detecting the attacks. Various approaches are being used in network threat detection, for instance, signature-based and anomalies detection methods. Signature-based depends on a database of predefined attacks signature, in operation, the systems compare the traffic against the signature, if a match occurs, then an attack is identified. This approach cannot detect attacks that do not have a signature in the database. The anomalies detection approach utilizing various approaches to define the threats, for instance, statistical, and machine learning algorithms. Several machine learning algorithms had been used for network anomalies detection. A major common deficiency was poor accuracy, which kept the approach not industrially applicable. In this paper, we propose a framework for network anomalies detection. The proposed framework showed improvement in detection accuracy. The framework adopts semi-unsupervised algorithms for novelty detection to tackle the rapid development in the cyber security attacks. The framework embraces the unsupervised deep learning in more elegant technique, where it dramatically reduces the features from the first phase.


  1. 1.
    Ghorbani, A.A., Lu, W., Tavallaee, M.: Network Intrusion Detection and Prevention Concepts and Techniques. Springer, New York (2010)CrossRefGoogle Scholar
  2. 2.
    Mudzingwa, D., Agrawal, R.: A study of methodologies used in intrusion detection and prevention systems (IDPS). In: 2012 Proceedings of IEEE SoutheastCon, pp. 1–6, 15–18 March 2012Google Scholar
  3. 3.
    Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection for discrete sequences: a survey. IEEE Trans. Knowl. Data Eng. 24(5), 823–839 (2012)CrossRefGoogle Scholar
  4. 4.
    Hinton, G.E., Osindero, S., The, Y.W.: A fast learning algorithm for deep belief nets. Neural Comput. 18, 1527–1554 (2006). Scholar
  5. 5.
    Krizhevsky, A., Sutskever, I., Hinton, G.: ImageNet classification with deep convolutional neural networks. In: NIPS (2012)Google Scholar
  6. 6.
    Schmidhuber, J.: Deep learning in neural networks: an overview. Neural Netw. 61, 85–117 (2015)CrossRefGoogle Scholar
  7. 7.
    Mohamed, A., Dahl, G., Hinton, G.: Acoustic modelling using deep belief networks. IEEE Trans. Audio Speech Lang. Process. 20(1), 14–22 (2012)CrossRefGoogle Scholar
  8. 8.
    Dong, B., Wang, X.: Comparison deep learning method to traditional methods using for network intrusion detection. In: 2016 8th IEEE International Conference on Communication Software and Networks (ICCSN), Beijing, pp. 581–585 (2016)Google Scholar
  9. 9.
    Sakurada, M., Yairi, T.: Anomaly detection using autoencoders with nonlinear dimensionality reduction. In: Rahman, A., Deng, J., Li, J. (eds.) Proceedings of the MLSDA 2014 2nd Workshop on Machine Learning for Sensory Data Analysis (MLSDA 2014), p. 4, 8. ACM, New York (2014).
  10. 10.
    Fiore, U., Palmieri, F., Castiglione, A., De Santis, A.: Network anomaly detection with the restricted Boltzmann machine. Neurocomputing 122, 13–23 (2013)CrossRefGoogle Scholar
  11. 11.
    Salama, M.A., Eid, H.F., Ramadan, R.A., Darwish, A., Hassanien, A.E.: Hybrid intelligent intrusion detection scheme. In: Soft Computing in Industrial Applications, pp. 293–303. Springer, Heidelberg (2011)Google Scholar
  12. 12.
    Zhai, S., Cheng, Y., Lu, W., Zhang, Z.: Deep structured energy based models for anomaly detection. In: Maria Balcan, F., Weinberger, K.Q. (eds.) Proceedings of the 33rd International Conference on Machine Learning - Volume 48 (ICML 2016), vol. 48, pp. 1100–1109 (2016).
  13. 13.
    Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.: A detailed analysis of the KDD CUP 99 data set. In: IEEE Symposium on Computational Intelligence for Security and Defense Applications, CISDA 2009, pp. 1–6 (2009).

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.School of Computing, Engineering, and MathematicsWestern Sydney UniversitySydneyAustralia

Personalised recommendations