ADAPTIVE MODEL FOR ANOMALY DETECTION IN NETWORK TRAFFIC USING MACHINE LEARNING METHODS
Keywords:
anomaly detection, network traffic, cybersecurity, machine learning, One-Class SVM, automatic adaptation, data preprocessing, performance evaluation.
Abstract
The article is dedicated to the development of an intelligent system for detecting anomalies in network traffic using machine learning methods. It examines in detail the relevance of this problem for ensuring cybersecurity, analyzes the shortcomings of existing manual approaches, and justifies the need for automated solutions.
The article describes the architecture of the developed system, including components for traffic capture, data preprocessing, model training based on the One-Class SVM algorithm, and automatic adaptation to network changes. Special attention is paid to the process of anomaly detection, model quality assessment, and mechanisms for monitoring and alerting about detected incidents.