Abstract
Anomaly detection is a core function of the network intrusion detection system, and due to the high volume and dimensionality of network data, clustering is an important technique for anomaly detection in unsupervised machine learning world. In this paper, we propose a clustering approach for anomaly detection on network traffic flow data. For profiling normal traffic, we apply the component-based feature saliency Gaussian mixture model. We then present a variational learning algorithm which can simultaneously optimize over the number of components, the saliency of the features for each component, and the parameters of the mixture model. The preliminary experiments on a real-world network intrusion dataset demonstrate the satisfying performance achieved by both our method on its own and with a data pre processing using the auto-encoder.
Original language | English |
---|---|
Publication status | Accepted - 14 Aug 2023 |
Event | Workshop on Security and Artificial Intelligence 2023 - The Hague Conference Centre New Babylon , The Hague, Netherlands Duration: 25 Sept 2023 → 29 Sept 2023 https://sites.google.com/view/secai2023/home |
Workshop
Workshop | Workshop on Security and Artificial Intelligence 2023 |
---|---|
Abbreviated title | SECAI 2023 |
Country/Territory | Netherlands |
City | The Hague |
Period | 25/09/2023 → 29/09/2023 |
Internet address |