Comparative Analysis and Development of Recommendations for the Use of Machine Learning Methods to Identify Network Traffic Anomalies in the Development of a Subsystem for User Behavioral Analysis
This article discusses various machine learning methods in order to conduct a more effective analysis of user network traffic using a subsystem for analyzing user behavior and detecting network anomalies, since there is a need to evaluate big data. The methods and techniques used to detect network a...
Сохранить в:
| Главные авторы: | , , , , , |
|---|---|
| Формат: | Статья |
| Язык: | English |
| Опубликовано: |
Springer Science and Business Media Deutschland GmbH
2024
|
| Темы: | |
| Online-ссылка: | https://dspace.ncfu.ru/handle/123456789/29365 |
| Метки: |
Добавить метку
Нет меток, Требуется 1-ая метка записи!
|
| id |
ir-123456789-29365 |
|---|---|
| record_format |
dspace |
| spelling |
ir-123456789-293652024-12-11T13:00:29Z Comparative Analysis and Development of Recommendations for the Use of Machine Learning Methods to Identify Network Traffic Anomalies in the Development of a Subsystem for User Behavioral Analysis Govorova, S. V. Говорова, С. В. Govorov, E. Y. Говоров, Е. Ю. Lapin, V. G. Лапин, В. Г. Machine learning method Traffic anomalies Performance evaluation criteria Network data Network anomaly detection methods This article discusses various machine learning methods in order to conduct a more effective analysis of user network traffic using a subsystem for analyzing user behavior and detecting network anomalies, since there is a need to evaluate big data. The methods and techniques used to detect network anomalies are analyzed. In analyzing the methods and technologies used to detect network anomalies, a classification of anomaly detection methods is proposed. To solve these problems, different algorithms can be used, differing in specificity and, as a result, efficiency. The classification of machine learning methods for detecting network anomalies is considered separately, since machine learning algorithms will be the most effective for the task. Various criteria for evaluating the effectiveness of machine learning models in solving the problem of network traffic profiling are considered. In accordance with the specifics of the tasks of user recognition and network anomaly detection, the most appropriate criteria for evaluating the effectiveness of machine learning models have been selected: AUC ROC – the area under the error curve. Four stages of the subsystem for analyzing user behavior and detecting network anomalies are highlighted. 2024-12-11T12:58:56Z 2024-12-11T12:58:56Z 2024 Статья Govorova, S., Govorov, E., Lapin, V., Mary Anita, E.A. Comparative Analysis and Development of Recommendations for the Use of Machine Learning Methods to Identify Network Traffic Anomalies in the Development of a Subsystem for User Behavioral Analysis // Lecture Notes in Networks and Systems. - 2024. - 1207 LNNS. - pp. 74-84. - DOI: 10.1007/978-3-031-77229-0_8 https://dspace.ncfu.ru/handle/123456789/29365 en Lecture Notes in Networks and Systems application/pdf Springer Science and Business Media Deutschland GmbH |
| institution |
СКФУ |
| collection |
Репозиторий |
| language |
English |
| topic |
Machine learning method Traffic anomalies Performance evaluation criteria Network data Network anomaly detection methods |
| spellingShingle |
Machine learning method Traffic anomalies Performance evaluation criteria Network data Network anomaly detection methods Govorova, S. V. Говорова, С. В. Govorov, E. Y. Говоров, Е. Ю. Lapin, V. G. Лапин, В. Г. Comparative Analysis and Development of Recommendations for the Use of Machine Learning Methods to Identify Network Traffic Anomalies in the Development of a Subsystem for User Behavioral Analysis |
| description |
This article discusses various machine learning methods in order to conduct a more effective analysis of user network traffic using a subsystem for analyzing user behavior and detecting network anomalies, since there is a need to evaluate big data. The methods and techniques used to detect network anomalies are analyzed. In analyzing the methods and technologies used to detect network anomalies, a classification of anomaly detection methods is proposed. To solve these problems, different algorithms can be used, differing in specificity and, as a result, efficiency. The classification of machine learning methods for detecting network anomalies is considered separately, since machine learning algorithms will be the most effective for the task. Various criteria for evaluating the effectiveness of machine learning models in solving the problem of network traffic profiling are considered. In accordance with the specifics of the tasks of user recognition and network anomaly detection, the most appropriate criteria for evaluating the effectiveness of machine learning models have been selected: AUC ROC – the area under the error curve. Four stages of the subsystem for analyzing user behavior and detecting network anomalies are highlighted. |
| format |
Статья |
| author |
Govorova, S. V. Говорова, С. В. Govorov, E. Y. Говоров, Е. Ю. Lapin, V. G. Лапин, В. Г. |
| author_facet |
Govorova, S. V. Говорова, С. В. Govorov, E. Y. Говоров, Е. Ю. Lapin, V. G. Лапин, В. Г. |
| author_sort |
Govorova, S. V. |
| title |
Comparative Analysis and Development of Recommendations for the Use of Machine Learning Methods to Identify Network Traffic Anomalies in the Development of a Subsystem for User Behavioral Analysis |
| title_short |
Comparative Analysis and Development of Recommendations for the Use of Machine Learning Methods to Identify Network Traffic Anomalies in the Development of a Subsystem for User Behavioral Analysis |
| title_full |
Comparative Analysis and Development of Recommendations for the Use of Machine Learning Methods to Identify Network Traffic Anomalies in the Development of a Subsystem for User Behavioral Analysis |
| title_fullStr |
Comparative Analysis and Development of Recommendations for the Use of Machine Learning Methods to Identify Network Traffic Anomalies in the Development of a Subsystem for User Behavioral Analysis |
| title_full_unstemmed |
Comparative Analysis and Development of Recommendations for the Use of Machine Learning Methods to Identify Network Traffic Anomalies in the Development of a Subsystem for User Behavioral Analysis |
| title_sort |
comparative analysis and development of recommendations for the use of machine learning methods to identify network traffic anomalies in the development of a subsystem for user behavioral analysis |
| publisher |
Springer Science and Business Media Deutschland GmbH |
| publishDate |
2024 |
| url |
https://dspace.ncfu.ru/handle/123456789/29365 |
| work_keys_str_mv |
AT govorovasv comparativeanalysisanddevelopmentofrecommendationsfortheuseofmachinelearningmethodstoidentifynetworktrafficanomaliesinthedevelopmentofasubsystemforuserbehavioralanalysis AT govorovasv comparativeanalysisanddevelopmentofrecommendationsfortheuseofmachinelearningmethodstoidentifynetworktrafficanomaliesinthedevelopmentofasubsystemforuserbehavioralanalysis AT govorovey comparativeanalysisanddevelopmentofrecommendationsfortheuseofmachinelearningmethodstoidentifynetworktrafficanomaliesinthedevelopmentofasubsystemforuserbehavioralanalysis AT govoroveû comparativeanalysisanddevelopmentofrecommendationsfortheuseofmachinelearningmethodstoidentifynetworktrafficanomaliesinthedevelopmentofasubsystemforuserbehavioralanalysis AT lapinvg comparativeanalysisanddevelopmentofrecommendationsfortheuseofmachinelearningmethodstoidentifynetworktrafficanomaliesinthedevelopmentofasubsystemforuserbehavioralanalysis AT lapinvg comparativeanalysisanddevelopmentofrecommendationsfortheuseofmachinelearningmethodstoidentifynetworktrafficanomaliesinthedevelopmentofasubsystemforuserbehavioralanalysis |
| _version_ |
1842245444921458688 |