Abstract
In the rapidly evolving realm of cyber-security, the detection of network anomalies serves as a pivotal line of defense against a myriad of malicious activities and cyberthreats. This research undertakes the task of enhancing the accuracy and efficacy of network anomaly detection by employing a comparative analysis of various individual machine learning models. The study delves into the performance of distinct models, including Random Forest, Gradient Boosting, AdaBoost, neural networks, and SVM, meticulously scrutinizing their capabilities in detecting network anomalies. The crux of this study lies in its meticulous evaluation of each individual model on the revered NSL-KDD dataset—an established benchmark within the field of network intrusion detection. Through a systematic blend of rigorous mathematical frameworks, precise model implementations, and comprehensive experimental assessments, this research offers a deep understanding of the inner workings of each algorithm. The pivotal aspect of this study revolves around the comprehensive comparative analysis of these standalone models. Going beyond the mere quantification of accuracy, the exploration delves into aspects of precision, recall, \(F_1\)-score, and more, shedding light on their diverse facets of performance. With achieved accuracies of 99.2419% for Random Forest, 99.5197% for Gradient Boosting, 86.6044% for AdaBoost, 84.00% for neural networks, and 87.00% for SVM, this research underlines the distinctive attributes and potential of each model in the context of network anomaly detection. As the study unravels the distinct strengths and limitations of each model, it contributes to the broader landscape of cyber-security by providing insights into the efficacy of individual machine learning approaches.
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Pandey, R., Pandey, M., Nazarov, A. (2024). Advancing Network Anomaly Detection: Comparative Analysis of Machine Learning Models. In: Chaturvedi, A., Hasan, S.U., Roy, B.K., Tsaban, B. (eds) Cryptology and Network Security with Machine Learning. ICCNSML 2023. Lecture Notes in Networks and Systems, vol 918. Springer, Singapore. https://doi.org/10.1007/978-981-97-0641-9_41
DOI: https://doi.org/10.1007/978-981-97-0641-9_41
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-97-0640-2
Online ISBN: 978-981-97-0641-9
eBook Packages: Engineering, Engineering (R0)