Advancing Network Anomaly Detection: Comparative Analysis of Machine Learning Models

  • Conference paper
Cryptology and Network Security with Machine Learning (ICCNSML 2023)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 918)

Abstract

In the rapidly evolving realm of cyber-security, the detection of network anomalies serves as a pivotal line of defense against a myriad of malicious activities and cyberthreats. This research undertakes the task of enhancing the accuracy and efficacy of network anomaly detection by employing a comparative analysis of various individual machine learning models. The study delves into the performance of distinct models, including Random Forest, Gradient Boosting, AdaBoost, neural networks, and SVM, meticulously scrutinizing their capabilities in detecting network anomalies. The crux of this study lies in its meticulous evaluation of each individual model on the revered NSL-KDD dataset—an established benchmark within the field of network intrusion detection. Through a systematic blend of rigorous mathematical frameworks, precise model implementations, and comprehensive experimental assessments, this research offers a deep understanding of the inner workings of each algorithm. The pivotal aspect of this study revolves around the comprehensive comparative analysis of these standalone models. Going beyond the mere quantification of accuracy, the exploration delves into aspects of precision, recall, \(F_1\)-score, and more, shedding light on their diverse facets of performance. With achieved accuracies of 99.2419% for Random Forest, 99.5197% for Gradient Boosting, 86.6044% for AdaBoost, 84.00% for neural networks, and 87.00% for SVM, this research underlines the distinctive attributes and potential of each model in the context of network anomaly detection. As the study unravels the distinct strengths and limitations of each model, it contributes to the broader landscape of cyber-security by providing insights into the efficacy of individual machine learning approaches.

Corresponding author

Correspondence to Rashmikiran Pandey.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

Cite this paper

Pandey, R., Pandey, M., Nazarov, A. (2024). Advancing Network Anomaly Detection: Comparative Analysis of Machine Learning Models. In: Chaturvedi, A., Hasan, S.U., Roy, B.K., Tsaban, B. (eds) Cryptology and Network Security with Machine Learning. ICCNSML 2023. Lecture Notes in Networks and Systems, vol 918. Springer, Singapore. https://doi.org/10.1007/978-981-97-0641-9_41

  • DOI: https://doi.org/10.1007/978-981-97-0641-9_41

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-97-0640-2

  • Online ISBN: 978-981-97-0641-9

  • eBook Packages: Engineering, Engineering (R0)
