Summary
International Conference on Emerging Technologies for Communications
2023
Session Number:P1
Session:
Number:P1-12
A Study on Features for Internet Security Analysis Using Machine Learning
Tomoaki Koyama, Kohei Shiomoto,
pp.-
Publication Date:2023/11/29
Online ISSN:2188-5079
Summary:
Technological innovation has led to an increase in the number of devices connected to networks, and cybersecurity has become increasingly important as a result. Intrusion Detection System (NIDS) are one of the mechanisms to ensure security. In this research, we are studying the implementation of NIDS using machine learning. Many NIDS studies have performed supervised learning using datasets created for research, such as the NSL-KDD dataset and the CICIDS2017 dataset, to create learning models, but few studies have been conducted using actual communication traffic data. Actual communication traffic data is difficult to label, and it is time-consuming and costly to prepare large amounts of such data, and network trends change, making it difficult to prepare training data for supervised learning. Therefore, this study aimed to create a discriminative model that does not require labeling. Specifically, we collected a large amount of normal data in the lab to collect internet traffic data, trained Autoencoder based on these normal patterns assuming that all data is normal, and reconfigured We created an anomaly detection model using the error. The autoencoder model trained on the created data set was able to discriminate normal traffic 75% of the time after 96 hours of data training. We propose to re-train a model trained using only normal traffic data when the anomaly rate is always more than 30%.