Cargando…
TTANAD: Test-Time Augmentation for Network Anomaly Detection
Machine learning-based Network Intrusion Detection Systems (NIDS) are designed to protect networks by identifying anomalous behaviors or improper uses. In recent years, advanced attacks, such as those mimicking legitimate traffic, have been developed to avoid alerting such systems. Previous works ma...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2023
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10217189/ https://www.ncbi.nlm.nih.gov/pubmed/37238575 http://dx.doi.org/10.3390/e25050820 |
| _version_ | 1785048477153099776 |
|---|---|
| author | Cohen, Seffi Goldshlager, Niv Shapira, Bracha Rokach, Lior |
| author_facet | Cohen, Seffi Goldshlager, Niv Shapira, Bracha Rokach, Lior |
| author_sort | Cohen, Seffi |
| collection | PubMed |
| description | Machine learning-based Network Intrusion Detection Systems (NIDS) are designed to protect networks by identifying anomalous behaviors or improper uses. In recent years, advanced attacks, such as those mimicking legitimate traffic, have been developed to avoid alerting such systems. Previous works mainly focused on improving the anomaly detector itself, whereas in this paper, we introduce a novel method, Test-Time Augmentation for Network Anomaly Detection (TTANAD), which utilizes test-time augmentation to enhance anomaly detection from the data side. TTANAD leverages the temporal characteristics of traffic data and produces temporal test-time augmentations on the monitored traffic data. This method aims to create additional points of view when examining network traffic during inference, making it suitable for a variety of anomaly detector algorithms. Our experimental results demonstrate that TTANAD outperforms the baseline in all benchmark datasets and with all examined anomaly detection algorithms, according to the Area Under the Receiver Operating Characteristic (AUC) metric. |
| format | Online Article Text |
| id | pubmed-10217189 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2023 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-102171892023-05-27 TTANAD: Test-Time Augmentation for Network Anomaly Detection Cohen, Seffi Goldshlager, Niv Shapira, Bracha Rokach, Lior Entropy (Basel) Article Machine learning-based Network Intrusion Detection Systems (NIDS) are designed to protect networks by identifying anomalous behaviors or improper uses. In recent years, advanced attacks, such as those mimicking legitimate traffic, have been developed to avoid alerting such systems. Previous works mainly focused on improving the anomaly detector itself, whereas in this paper, we introduce a novel method, Test-Time Augmentation for Network Anomaly Detection (TTANAD), which utilizes test-time augmentation to enhance anomaly detection from the data side. TTANAD leverages the temporal characteristics of traffic data and produces temporal test-time augmentations on the monitored traffic data. This method aims to create additional points of view when examining network traffic during inference, making it suitable for a variety of anomaly detector algorithms. Our experimental results demonstrate that TTANAD outperforms the baseline in all benchmark datasets and with all examined anomaly detection algorithms, according to the Area Under the Receiver Operating Characteristic (AUC) metric. MDPI 2023-05-19 /pmc/articles/PMC10217189/ /pubmed/37238575 http://dx.doi.org/10.3390/e25050820 Text en © 2023 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Cohen, Seffi Goldshlager, Niv Shapira, Bracha Rokach, Lior TTANAD: Test-Time Augmentation for Network Anomaly Detection |
| title | TTANAD: Test-Time Augmentation for Network Anomaly Detection |
| title_full | TTANAD: Test-Time Augmentation for Network Anomaly Detection |
| title_fullStr | TTANAD: Test-Time Augmentation for Network Anomaly Detection |
| title_full_unstemmed | TTANAD: Test-Time Augmentation for Network Anomaly Detection |
| title_short | TTANAD: Test-Time Augmentation for Network Anomaly Detection |
| title_sort | ttanad: test-time augmentation for network anomaly detection |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10217189/ https://www.ncbi.nlm.nih.gov/pubmed/37238575 http://dx.doi.org/10.3390/e25050820 |
| work_keys_str_mv | AT cohenseffi ttanadtesttimeaugmentationfornetworkanomalydetection AT goldshlagerniv ttanadtesttimeaugmentationfornetworkanomalydetection AT shapirabracha ttanadtesttimeaugmentationfornetworkanomalydetection AT rokachlior ttanadtesttimeaugmentationfornetworkanomalydetection |