DeepNet: A Deep Learning Architecture for Network-Based Anomaly Detection

  • Javad Zabihi
  • Vandana JanejaEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11878)


Anomaly detection has been one of the most interesting research areas in the field of cybersecurity. Supervised anomaly detection systems have not been practical and effective enough in real-world scenarios. As a result, different unsupervised anomaly detection pipelines have gained more attention due to their effectiveness. Autoencoders are one of the most powerful unsupervised approaches which can be used to analyze complex and large-scale datasets. This study proposes a method called DeepNet, which investigates the potential of adopting an unsupervised deep learning approach by proposing an autoencoder architecture to detect network intrusion. An autoencoder approach is implemented on network-based data while taking different architectures into account. We provide a comprehensive comparison of the effectiveness of different schemes. Due to the unique methodology of autoencoders, specific methods have been suggested to evaluate the performance of proposed models. The results of this study can be used as a foundation to build a robust anomaly detection system with an unsupervised approach.


Anomaly detection Deep learning Autoencoder 


  1. 1.
  2. 2.
    Moustafa, N., Turnbull, B., Choo, K.R.: An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things. IEEE Internet Things J. 6, 4815–4830 (2018)CrossRefGoogle Scholar
  3. 3.
    Moustafa, N., Misra, G., Slay, J.: Generalized outlier gaussian mixture technique based on automated association features for simulating and detecting web application attacks. IEEE Trans. Sustain. Comput. (2018)Google Scholar
  4. 4.
    Liu, G., Yi, Z., Yang, S.: A hierarchical intrusion detection model based on the PCA neural networks. Neurocomputing 70(7-9), 1561–1568 (2007)CrossRefGoogle Scholar
  5. 5.
    Sharma, A., Panigrahi, P.K.: A review of financial accounting fraud detection based on data mining techniques. Int. J. Comput. Appl. 39(1), 37–47 (2012)Google Scholar
  6. 6.
    Nadeem, A., Howarth, M.P.: A survey of MANET intrusion detection amp; prevention approaches for network layer attacks. IEEE Commun. Surv. Tutor. 15(4), 2027–2045 (2013)CrossRefGoogle Scholar
  7. 7.
    Hodge, V.J., Austin, J.: A survey of outlier detection methodologies. Artif. Intell. Rev. 22, 85–126 (2004)CrossRefGoogle Scholar
  8. 8.
    Wang, Y., Li, D., Du, Y., Pan, Z.: Anomaly detection in traffic using l1-norm minimization extreme learning machine. Neurocomputing 149, Part A, 415–425 (2015)CrossRefGoogle Scholar
  9. 9.
    Xu, D., Song, R., Wu, X., Li, N., Feng, W., Qian, H.: Video anomaly detection based on a hierarchical activity discovery within spatio-temporal contexts. Neuro-Computing 143, 144–152 (2014)Google Scholar
  10. 10.
    Wang, J., Xu, Z.: Crowd anomaly detection for automated video surveillance. In: Proceedings of the ICDP, pp. 1–6 (2015)Google Scholar
  11. 11.
    Cui, X., Liu, Q., Gao, M., Metaxas, D.N.: Abnormal detection using interaction energy potentials. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR), pp. 3161–3167. IEEE (2011)Google Scholar
  12. 12.
    Li, X., Bowers, C.P., Schnier, T.: Classification of energy consumption in buildings with outlier detection. IEEE Trans. Ind. Electron. 57(11), 3639–3644 (2010)CrossRefGoogle Scholar
  13. 13.
    MacQueen, J.: Some methods for classification and analysis of multivariate observations. In: Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability, Volume 1: Statistics, pp. 281–297 (1967)Google Scholar
  14. 14.
    Ester, M., Kriegel, H.-P., Sander, J., Xu, X.: A density-based algorithm for discovering clusters in large spatial databases with noise, pp. 226–231. AAAI Press (1996)Google Scholar
  15. 15.
    Hawkins, S., He, H., Williams, G., Baxter, R.: Outlier detection using replicator neural networks. In: Kambayashi, Y., Winiwarter, W., Arikawa, M. (eds.) DaWaK 2002. LNCS, vol. 2454, pp. 170–180. Springer, Heidelberg (2002). Scholar
  16. 16.
    Sakurada, M., Yairi, T.: Anomaly detection using autoencoders with nonlinear dimensionality reduction. In: Proceedings of the MLSDA 2014 2nd Workshop on Machine Learning for Sensory Data Analysis, p. 4. ACM (2014)Google Scholar
  17. 17.
    Erfani, S.M., Rajasegarar, S., Karunasekera, S., Leckie, C.: High-dimensional and large-scale anomaly detection using a linear one-class SVM with deep learning. Pattern Recogn. 58, 121–134 (2016)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Information Systems DepartmentUniversity of MarylandBaltimore CountyUSA

Personalised recommendations