Published May 19, 2021 | Version v1
Journal article Open

Network Traffic Anomaly Detection via Deep Learning

  • 1. Synelixis Solutions S.A.
  • 2. Intrasoft International S.A.
  • 3. Intrasoft International S.A.

Description

Network intrusion detection is a key pillar of the sustainability and normal operation of information systems. Complex threat patterns and malicious actors can cause severe damage to cyber-systems. In this work, we propose novel Deep Learning (DL) formulations for detecting threats and alerts in network logs acquired by pfSense, an open-source software that acts as a firewall on the FreeBSD operating system. pfSense integrates several powerful security services, such as firewall, URL filtering, and virtual private networking, among others. The main goal of this study is to analyse the logs acquired by a local installation of pfSense, in order to provide a powerful and efficient solution that controls traffic flow based on patterns that are automatically learnt via the proposed, challenging DL architectures. For this purpose, we exploit Convolutional Neural Networks (CNNs) and Long Short-Term Memory networks (LSTMs) to construct robust multi-class classifiers, able to assign each new network log instance that reaches our system to its corresponding category. The performance of our scheme is evaluated by conducting several quantitative experiments and by comparing it to state-of-the-art formulations.

Files

information-12-00215.pdf

Files (2.8 MB)

md5:6a8d492b5361cbbead3a42a6a4db9bc1 (2.8 MB)

Additional details

Funding

PHOENIX – Electrical Power System’s Shield against complex incidents and extensive cyber and privacy attacks 832989
European Commission