ADAPTIVE MODEL FOR ANOMALY DETECTION IN NETWORK TRAFFIC USING MACHINE LEARNING METHODS
Keywords:
anomaly detection, network traffic, cybersecurity, machine learning, One-Class SVM, automatic adaptation, data preprocessing, performance evaluation.
Abstract
The article is dedicated to the development of an intelligent system for detecting anomalies in network traffic using machine learning methods. It examines in detail the relevance of this problem for ensuring cybersecurity, analyzes the shortcomings of existing manual approaches, and justifies the need for automated solutions.
The article describes the architecture of the developed system, including components for traffic capture, data preprocessing, model training based on the One-Class SVM algorithm, and automatic adaptation to network changes. Special attention is paid to the process of anomaly detection, model quality assessment, and mechanisms for monitoring and alerting about detected incidents.
License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International license.