Łukasiewicz Research Network-Institute of Innovative Technologies EMAG, ul. Leopolda 31, 40-189 Katowice, Poland.
Wroclaw Centre for Networking and Supercomputing, Wroclaw University of Science and Technology, Wybrzeże Wyspiańskiego 27, 50-370 Wrocław, Poland.
Sensors (Basel). 2023 Mar 9;23(6):2974. doi: 10.3390/s23062974.
It seems to be a truism to say that we should pay more and more attention to network traffic safety. Such a goal may be achieved with many different approaches. In this paper, we put our attention on the increase in network traffic safety based on the continuous monitoring of network traffic statistics and detecting possible anomalies in the network traffic description. The developed solution, called the anomaly detection module, is mostly dedicated to public institutions as the additional component of the network security services. Despite the use of well-known anomaly detection methods, the novelty of the module is based on providing an exhaustive strategy of selecting the best combination of models as well as tuning the models in a much faster offline mode. It is worth emphasizing that combined models were able to achieve 100% balanced accuracy level of specific attack detection.
似乎有一个不言而喻的道理,即我们应该越来越关注网络流量安全。可以通过许多不同的方法来实现这一目标。在本文中,我们将注意力集中在基于网络流量统计的持续监控和检测网络流量描述中可能存在的异常的基础上,来提高网络流量安全性。所开发的解决方案称为异常检测模块,主要针对公共机构作为网络安全服务的附加组件。尽管使用了众所周知的异常检测方法,但该模块的新颖之处在于提供了一种详尽的策略,用于选择最佳的模型组合,以及在离线模式下更快地调整模型。值得强调的是,组合模型能够实现特定攻击检测的 100%平衡准确率水平。
