A lightweight deep autoencoder-based approach for unsupervised anomaly detection

Gcinizwe Dlamini; Rufina Galieva; Muhammad Fahim

doi:10.1109/AICCSA47632.2019.9035217

A lightweight deep autoencoder-based approach for unsupervised anomaly detection

Gcinizwe Dlamini, Rufina Galieva, Muhammad Fahim

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Unsupervised anomaly detection is an important area of research to find abnormal behavior and integral part of many systems. In this research, a lightweight deep autoencoder based approach is presented to detect anomalies in unsupervised manner. It has the ability to learn the model over the normal patterns and any deviation is considered as an anomaly. Consequently, it can relax the condition to have anomalous data patterns during the training phase of the model. In this work, we examine lightweight autoencoder for anomaly detection task in order to show that simple architecture can show good performance in terms of training, testing time, number of parameters and metrics. We apply autoencoder for binary classification problem (i.e., each data point considered either normal or abnormal). The reconstruction error is used to detect anomalies. The experiments are carried out over the particular class of cyber security domain known as intrusion detection systems. We evaluated our model on standard publicly available benchmarks of KDD-99, NSL-KDD and UNSW-NB15 and achieved F1-score of 0.96, 0.88 and 0.95, respectively. It outperforms by a considerable margin when compared to state-of-the-art methods.

Original language	English
Title of host publication	16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019
Publisher	IEEE Computer Society
ISBN (Electronic)	9781728150529
DOIs	https://doi.org/10.1109/AICCSA47632.2019.9035217
Publication status	Published - Nov 2019
Externally published	Yes
Event	16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019 - Abu Dhabi, United Arab Emirates Duration: 03 Nov 2019 → 07 Nov 2019

Publication series

Name	Proceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA
Volume	2019-November
ISSN (Print)	2161-5322
ISSN (Electronic)	2161-5330

Conference

Conference	16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019
Country/Territory	United Arab Emirates
City	Abu Dhabi
Period	03/11/2019 → 07/11/2019

Bibliographical note

Publisher Copyright:
© 2019 IEEE.

Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.

Keywords

Intrusion Detection System
KDD-99
Novelty Detection
NSL-KDD
Outlier detection
UNSW-NB15

ASJC Scopus subject areas

Computer Networks and Communications
Computer Science Applications
Hardware and Architecture
Signal Processing
Control and Systems Engineering
Electrical and Electronic Engineering

Access to Document

10.1109/AICCSA47632.2019.9035217Licence: Unspecified

Cite this

Dlamini, G., Galieva, R., & Fahim, M. (2019). A lightweight deep autoencoder-based approach for unsupervised anomaly detection. In 16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019 [9035217] (Proceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA; Vol. 2019-November). IEEE Computer Society. https://doi.org/10.1109/AICCSA47632.2019.9035217

@inproceedings{573eb8cbc1564fbd9dc5c3b10f142680,

title = "A lightweight deep autoencoder-based approach for unsupervised anomaly detection",

abstract = "Unsupervised anomaly detection is an important area of research to find abnormal behavior and integral part of many systems. In this research, a lightweight deep autoencoder based approach is presented to detect anomalies in unsupervised manner. It has the ability to learn the model over the normal patterns and any deviation is considered as an anomaly. Consequently, it can relax the condition to have anomalous data patterns during the training phase of the model. In this work, we examine lightweight autoencoder for anomaly detection task in order to show that simple architecture can show good performance in terms of training, testing time, number of parameters and metrics. We apply autoencoder for binary classification problem (i.e., each data point considered either normal or abnormal). The reconstruction error is used to detect anomalies. The experiments are carried out over the particular class of cyber security domain known as intrusion detection systems. We evaluated our model on standard publicly available benchmarks of KDD-99, NSL-KDD and UNSW-NB15 and achieved F1-score of 0.96, 0.88 and 0.95, respectively. It outperforms by a considerable margin when compared to state-of-the-art methods.",

keywords = "Intrusion Detection System, KDD-99, Novelty Detection, NSL-KDD, Outlier detection, UNSW-NB15",

author = "Gcinizwe Dlamini and Rufina Galieva and Muhammad Fahim",

note = "Publisher Copyright: {\textcopyright} 2019 IEEE. Copyright: Copyright 2020 Elsevier B.V., All rights reserved.; 16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019 ; Conference date: 03-11-2019 Through 07-11-2019",

year = "2019",

month = nov,

doi = "10.1109/AICCSA47632.2019.9035217",

language = "English",

series = "Proceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA",

publisher = "IEEE Computer Society",

booktitle = "16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019",

}

Dlamini, G, Galieva, R & Fahim, M 2019, A lightweight deep autoencoder-based approach for unsupervised anomaly detection. in 16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019., 9035217, Proceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA, vol. 2019-November, IEEE Computer Society, 16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019, Abu Dhabi, United Arab Emirates, 03/11/2019. https://doi.org/10.1109/AICCSA47632.2019.9035217

A lightweight deep autoencoder-based approach for unsupervised anomaly detection. / Dlamini, Gcinizwe; Galieva, Rufina; Fahim, Muhammad.

16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019. IEEE Computer Society, 2019. 9035217 (Proceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA; Vol. 2019-November).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A lightweight deep autoencoder-based approach for unsupervised anomaly detection

AU - Dlamini, Gcinizwe

AU - Galieva, Rufina

AU - Fahim, Muhammad

PY - 2019/11

Y1 - 2019/11

N2 - Unsupervised anomaly detection is an important area of research to find abnormal behavior and integral part of many systems. In this research, a lightweight deep autoencoder based approach is presented to detect anomalies in unsupervised manner. It has the ability to learn the model over the normal patterns and any deviation is considered as an anomaly. Consequently, it can relax the condition to have anomalous data patterns during the training phase of the model. In this work, we examine lightweight autoencoder for anomaly detection task in order to show that simple architecture can show good performance in terms of training, testing time, number of parameters and metrics. We apply autoencoder for binary classification problem (i.e., each data point considered either normal or abnormal). The reconstruction error is used to detect anomalies. The experiments are carried out over the particular class of cyber security domain known as intrusion detection systems. We evaluated our model on standard publicly available benchmarks of KDD-99, NSL-KDD and UNSW-NB15 and achieved F1-score of 0.96, 0.88 and 0.95, respectively. It outperforms by a considerable margin when compared to state-of-the-art methods.

AB - Unsupervised anomaly detection is an important area of research to find abnormal behavior and integral part of many systems. In this research, a lightweight deep autoencoder based approach is presented to detect anomalies in unsupervised manner. It has the ability to learn the model over the normal patterns and any deviation is considered as an anomaly. Consequently, it can relax the condition to have anomalous data patterns during the training phase of the model. In this work, we examine lightweight autoencoder for anomaly detection task in order to show that simple architecture can show good performance in terms of training, testing time, number of parameters and metrics. We apply autoencoder for binary classification problem (i.e., each data point considered either normal or abnormal). The reconstruction error is used to detect anomalies. The experiments are carried out over the particular class of cyber security domain known as intrusion detection systems. We evaluated our model on standard publicly available benchmarks of KDD-99, NSL-KDD and UNSW-NB15 and achieved F1-score of 0.96, 0.88 and 0.95, respectively. It outperforms by a considerable margin when compared to state-of-the-art methods.

KW - Intrusion Detection System

KW - KDD-99

KW - Novelty Detection

KW - NSL-KDD

KW - Outlier detection

KW - UNSW-NB15

U2 - 10.1109/AICCSA47632.2019.9035217

DO - 10.1109/AICCSA47632.2019.9035217

M3 - Conference contribution

AN - SCOPUS:85082649524

T3 - Proceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA

BT - 16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019

PB - IEEE Computer Society

T2 - 16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019

Y2 - 3 November 2019 through 7 November 2019

ER -

Dlamini G, Galieva R, Fahim M. A lightweight deep autoencoder-based approach for unsupervised anomaly detection. In 16th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA 2019. IEEE Computer Society. 2019. 9035217. (Proceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA). https://doi.org/10.1109/AICCSA47632.2019.9035217

A lightweight deep autoencoder-based approach for unsupervised anomaly detection

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this