Anomaly Detection for Network Traffic Using Machine Learning

Abstract

It is found that advanced persistent cyber threats transcend the capability of the traditional network security systems in accurately identifying and preventing threats. To help tackle this, anomaly detection has risen to spotlight as a way of identifying strange network activity, which would signify the existence of malware. This work concerns the design of an enhanced network anomaly detection system based machine learning; the work uses the Random Forest algorithm. The advantages of the proposed system have been labeled as ‘signals of value’ which include the ability to analyze flow anomalies such as DoS, unauthorized access attempts, data exfiltration and other malicious activities in Network Traffic for further improvement of Network Security. These features of the network detail includes the packet size, packet protocol type and communication pattern which the system uses to train its model for accurate data results. The performance of the system was tested in a number of experiments that proved very high accuracy levels, precision and recall rates, thus proving that the proposed system can indeed be effective in real-time detection applications. The model was also superior to FW+AVG because it provided generalization to new attacks and the ability to minimize the false positives. Fur- thermore, the system accomplishes its functionalities effectively in dynamic network conditions and cautions appropriately to strengthen the network administration against potential threats. The outcomes of this study add values to the current literature on network anomaly detection leading to the provision of directions for further enhancement of the research, including the integration of learning from other techniques in real-time and addressing class imbalance. This paper insinuates that the future of network security is very bright because organizations can reduce the risk posed by incipient cyber threats by employing machine learning anomaly detection