TY - GEN
T1 - Autoperman
T2 - 8th International Conference on Artificial Intelligence and Security , ICAIS 2022
AU - Han, Shangbin
AU - Wu, Qianhong
AU - Zhang, Han
AU - Qin, Bo
AU - Yao, Jiangyuan
AU - Susilo, Willy
N1 - Publisher Copyright:
© 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2022
Y1 - 2022
N2 - Network traffic, which records users’ behaviors, is valuable data resources for diagnosing the health of the network. Mining anomaly in network is essential for network defense. Although traditional machine learning approaches have good performance, their dependence on huge training data set with expensive labels make them impractical. Furthermore, after complex hyperparameters tuning, the detection model may not work. Facing these challenges, in this paper, we propose Autoperman through supervised learning. In Autoperman, machine learning algorithms with fixed hyperparameters as feature extractors are integrated, which utilize a small amount of training data to be initialized. Then Random Forest is selected as the anomaly classifier and achieves automatic parameters tuning via well studied online optimization theory. We compare the performance of Autoperman against traditional anomaly detection algorithms using public traffic datasets. The results demonstrate that Autoperman can perform about 6.9%, 34.2%, 4.3%, 2.2%, 37.6 % better than L-SVM, NL-SVM, LR, MLP, K-means, respectively.
AB - Network traffic, which records users’ behaviors, is valuable data resources for diagnosing the health of the network. Mining anomaly in network is essential for network defense. Although traditional machine learning approaches have good performance, their dependence on huge training data set with expensive labels make them impractical. Furthermore, after complex hyperparameters tuning, the detection model may not work. Facing these challenges, in this paper, we propose Autoperman through supervised learning. In Autoperman, machine learning algorithms with fixed hyperparameters as feature extractors are integrated, which utilize a small amount of training data to be initialized. Then Random Forest is selected as the anomaly classifier and achieves automatic parameters tuning via well studied online optimization theory. We compare the performance of Autoperman against traditional anomaly detection algorithms using public traffic datasets. The results demonstrate that Autoperman can perform about 6.9%, 34.2%, 4.3%, 2.2%, 37.6 % better than L-SVM, NL-SVM, LR, MLP, K-means, respectively.
KW - Anomaly detection
KW - Autoperman
KW - Ensemble learning
UR - https://www.scopus.com/pages/publications/85135053845
U2 - 10.1007/978-3-031-06761-7_49
DO - 10.1007/978-3-031-06761-7_49
M3 - 会议稿件
AN - SCOPUS:85135053845
SN - 9783031067600
T3 - Communications in Computer and Information Science
SP - 616
EP - 628
BT - Advances in Artificial Intelligence and Security - 8th International Conference on Artificial Intelligence and Security, ICAIS 2022, Proceedings
A2 - Sun, Xingming
A2 - Zhang, Xiaorui
A2 - Xia, Zhihua
A2 - Bertino, Elisa
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 15 July 2022 through 20 July 2022
ER -