Abstract

Network anomaly detection faces unique challenges from dynamic traffic: large data volume, few attributes, and human factors that influence it make it difficult to identify typical behavioral characteristics. To address this, we propose Sketch-based Profile Evolution (SPE) to detect network traffic anomalies. First, the Traffic Graph (TG) of the network terminal is generated using Sketch to identify abnormal data flow positions. Next, a Convolutional Neural Network and Long Short-Term Memory Network (CNN-LSTM) is used to develop traffic behavior profiles, which are then continuously updated using Evolution to detect behavior pattern changes in real-time data streams. SPE allows for direct processing of raw traffic datasets and continuous detection of constantly updated data streams. In experiments using real network traffic datasets, the SPE algorithm was found to be far more efficient and accurate than PCA and Basic Evolution for outlier detection. It is important to note that the value of φ can affect the results of anomaly detection.
