Applying of Machine Learning for Analyzing Network Traffic in the Conditions of an Unbalanced Data Sample

EasyChair Preprint 6590

Abstract

The article provides a solution to the problem of identifying anomalous situations in information and telecommunication systems, based on artificial intelligence methods. The presented method for identifying an anomalous situation is based on processing the received tuples of network traffic packet values using various classification models. The proposed solution improves the identification accuracy and makes it possible to use classification algorithms optimized for different types of events and anomalies, trained on various training samples, presented in the form of tuples of network packet parameters. The difference between the algorithms is achieved by introducing an imbalance in the training samples. The paper describes the experiment using Naïve Bayes, Hoeffding Tree, J48, Random Forest, Random Tree, REP Tree machine learning classification algorithms, and the Multilayer Perceptron neural network. The method can be applied in information security monitoring systems when analyzing network traffic. A feature of the proposed solution is the possibility of its scaling and combination by adding new algorithms for classification of machine learning.

Keyphrases: Information Security, anomaly detection, network traffic

@booklet{EasyChair:6590,
  author    = {Babyr Rzayev and Ilya Lebedev},
  title     = {Applying of Machine Learning for Analyzing Network Traffic in the Conditions of an Unbalanced Data Sample},
  howpublished = {EasyChair Preprint 6590},
  year      = {EasyChair, 2021}}