Campus Network Traffic Prediction and Anomaly Detection Based on Deep Learning

Jun Li; Noel B.  Linsangan; Huiguo Dong

doi:10.62677/IJETAA.2407123

Authors

Jun Li Graduate School, Mapua University, Manila, Philippine and Hebei Vocational University of Technology and Engineering, Hebei, China Author
Noel B. Linsangan Graduate School, Mapua University, Manila, Philippine Author
Huiguo Dong Hebei Vocational University of Technology and Engineering, Hebei, China Author

DOI:

https://doi.org/10.62677/IJETAA.2407123

Keywords:

Campus Network Security, Network Traffic Prediction, Anomaly Detection, Deep Learning, Visualization

Abstract

This paper proposes an intelligent solution for network traffic prediction and anomaly detection in campus networks, addressing the increasingly severe network security challenges. The proposed approach innovatively integrates Convolutional Neural Networks (CNN) and Long Short-Term Memory networks (LSTM) to simultaneously extract local features and capture dynamic temporal dependencies of network traffic, significantly improving prediction accuracy. Based on this, an adaptive threshold anomaly detection algorithm is designed to automatically adjust detection sensitivity according to traffic variations, achieving a better balance between accuracy and recall rates. Additionally, an anomaly visualization scheme is presented, intuitively displaying the spatiotemporal distribution of network anomalies through heatmaps, assisting administrators in decision-making. Large-scale experiments demonstrate that this approach can effectively identify various security threats such as DDoS attacks, scanning probes, and botnets, with an overall detection rate exceeding 90% while maintaining a low false positive rate. Compared to traditional statistical and machine learning methods, the proposed approach exhibits stronger adaptability and generalization capabilities, providing crucial support for building an intelligent, precise, and reliable campus network security protection system. Future work will focus on further improving the real-time performance and robustness of the solution, expanding its application in new network scenarios such as IoT and edge computing.

Downloads

Download data is not yet available.

References

R. Boutaba, M. A. Salahuddin, N. Limam et al., "A comprehensive survey on machine learning for networking: evolution, applications and research opportunities," J Internet Serv Appl, vol. 9, p. 16, 2018.

I. Kerrakchou, A. Abou El Hassan, S. Chadli, M. Emharraf, and M. Saber, "Selection of efficient machine learning algorithm on Bot-IoT dataset for intrusion detection in internet of things networks," Indones. J. Electr. Eng. Comput. Sci, vol. 31, no. 3, pp. 1784-1793, 2023.

O. Aouedi, K. Piamrat, and B. Parrein, "Ensemble-based deep learning model for network traffic classification," IEEE Transactions on Network and Service Management, vol. 19, no. 4, pp. 4124-4135, 2022.

H. Sadia, S. Farhan, Y. U. Haq, R. Sana, T. Mahmood, S. A. O. Bahaj, and A. R. Khan, "Intrusion detection system for wireless sensor networks: A machine learning based approach," IEEE Access, vol. 12, pp. 52565-52582, 2024.

R. Chaganti, W. Suliman, V. Ravi, and A. Dua, "Deep learning approach for SDN-enabled intrusion detection system in IoT networks," Information, vol. 14, no. 1, p. 41, 2023.

F. Hu, S. Zhang, X. Lin, L. Wu, N. Liao, and Y. Song, "Network traffic classification model based on attention mechanism and spatiotemporal features," EURASIP Journal on Information Security, vol. 2023, no. 1, p. 6, 2023.

R. T. Elmaghraby, N. M. A. Aziem, M. A. Sobh, and A. M. Bahaa-Eldin, "Encrypted network traffic classification based on machine learning," Ain Shams Engineering Journal, vol. 15, no. 2, p. 102361, 2024.

V. K. Mololoth, S. Saguna, and C. Åhlund, "Blockchain and machine learning for future smart grids: A review," Energies, vol. 16, no. 1, p. 528, 2023.

M. Al-Fayoumi, M. Al-Fawa'reh, and S. Nashwan, "VPN and Non-VPN network traffic classification using time-related features," Computers, Materials & Continua, vol. 72, no. 2, 2022.

A. Halbouni, T. S. Gunawan, M. H. Habaebi, M. Halbouni, M. Kartiwi, and R. Ahmad, "CNN-LSTM: hybrid deep neural network for network intrusion detection system," IEEE Access, vol. 10, pp. 99837-99849, 2022.

H. Mliki, A. H. Kaceam, and L. Chaari, "A comprehensive survey on intrusion detection based machine learning for IoT networks," EAI Endorsed Transactions on Security & Safety, vol. 8, no. 29, 2021.

M. Naveed, F. Arif, S. M. Usman, A. Anwar, M. Hadjouni, H. Elmannai et al., "A deep learning‐based framework for feature extraction and classification of intrusion detection in networks," Wireless Communications and Mobile Computing, vol. 2022, no. 1, p. 2215852, 2022.

T. L. Huoh, Y. Luo, P. Li, and T. Zhang, "Flow-based encrypted network traffic classification with graph neural networks," IEEE Transactions on Network and Service Management, vol. 20, no. 2, pp. 1224-1237, 2022.

B. Xue, H. Zhao, and W. Yao, "Deep transfer learning for IoT intrusion detection," in 2022 3rd International Conference on Computing, Networks and Internet of Things (CNIOT), pp. 88-94, IEEE, 2022.

A. Nawaz, S. S. Khan, and A. Ahmad, "Ensemble of autoencoders for anomaly detection in biomedical data: A narrative review," IEEE Access, vol. 12, pp. 17273-17289, 2024.

A. T. Assy, Y. Mostafa, A. Abd El-khaleq, and M. Mashaly, "Anomaly-based intrusion detection system using one-dimensional convolutional neural network," Procedia Computer Science, vol. 220, pp. 78-85, 2023.

R. U. Rasool, "CyberPulse: A security framework for software-defined networks," Doctoral dissertation, Victoria University, 2021.

L. Santos, R. Gonçalves, C. Rabadao, and J. Martins, "A flow-based intrusion detection framework for internet of things networks," Cluster Computing, vol. 26, no. 1, pp. 37-57, 2023.

M. A. Khan and Y. Kim, "Deep learning-based hybrid intelligent intrusion detection system," Computers, Materials & Continua, vol. 68, no. 1, 2021.

M. M. Otoom, K. N. A. Sattar, and M. Al Sadig, "Ensemble model for network intrusion detection system based on bagging using J48," Advances in Science and Technology. Research Journal, vol. 17, no. 2, pp. 322-329, 2023.

S. Mahajan, R. HariKrishnan, and K. Kotecha, "Prediction of network traffic in wireless mesh networks using hybrid deep learning model," IEEE Access, vol. 10, pp. 7003-7015, 2022.

A. Drewek-Ossowicka, M. Pietrołaj, and J. Rumiński, "A survey of neural networks usage for intrusion detection systems," Journal of Ambient Intelligence and Humanized Computing, vol. 12, no. 1, pp. 497-514, 2021.

M. Shen, K. Ye, X. Liu, L. Zhu, J. Kang, S. Yu et al., "Machine learning-powered encrypted network traffic analysis: A comprehensive survey," IEEE Communications Surveys & Tutorials, vol. 25, no. 1, pp. 791-824, 2022.

G. Aceto, D. Ciuonzo, A. Montieri, and A. Pescapé, "DISTILLER: Encrypted traffic classification via multimodal multitask deep learning," Journal of Network and Computer Applications, vol. 183, p. 102985, 2021.

A. K. Cherukuri, S. T. Ikram, G. Li, and X. Liu, "Classification of encrypted network traffic," in Encrypted Network Traffic Analysis, pp. 47-59, Springer International Publishing, Cham, 2024.

B. D. Deebak and S. O. Hwang, "Federated learning-based lightweight two-factor authentication framework with privacy preservation for mobile sink in the social IoMT," Electronics, vol. 12, no. 5, p. 1250, 2023.

R. Zhao, Z. Li, Z. Xue, T. Ohtsuki, and G. Gui, "A novel approach based on lightweight deep neural network for network intrusion detection," in 2021 IEEE Wireless Communications and Networking Conference (WCNC), pp. 1-6, IEEE, 2021.

M. A. Ferrag, O. Friha, L. Maglaras, H. Janicke, and L. Shu, "Federated deep learning for cyber security in the internet of things: Concepts, applications, and experimental analysis," IEEe Access, vol. 9, pp. 138509-138542, 2021.

Z. Zhao, Y. Lai, Y. Wang, W. Jia, and H. He, "A few-shot learning based approach to IoT traffic classification," IEEE Communications Letters, vol. 26, no. 3, pp. 537-541, 2021.

E. Gelenbe and M. Nakıp, "Traffic based sequential learning during botnet attacks to identify compromised iot devices," IEEe Access, vol. 10, pp. 126536-126549, 2022.

I. F. Kilincer, F. Ertam, and A. Sengur, "Machine learning methods for cyber security intrusion detection: Datasets and comparative study," Computer Networks, vol. 188, p. 107840, 2021.

J. Ashraf, M. Keshk, N. Moustafa, M. Abdel-Basset, H. Khurshid, A. D. Bakhshi, and R. R. Mostafa, "IoTBoT-IDS: A novel statistical learning-enabled botnet detection framework for protecting networks of smart cities," Sustainable Cities and Society, vol. 72, p. 103041, 2021.

A. Y. M. Alsumaini, "Two-stage ensemble learning for nids multiclass classification," Master's thesis, Hamad Bin Khalifa University (Qatar), 2023.

N. Pachhala, S. Jothilakshmi, and B. P. Battula, "Enhanced malware family classification via image-based analysis utilizing a balance-augmented VGG16 model," Traitement du Signal, vol. 40, no. 5, pp. 2169-2178, 2023.

Z. Shi, M. Xing, J. Zhang, and B. H. Wu, "Few-shot network intrusion detection based on model-agnostic meta-learning with l2f method," in 2023 IEEE Wireless Communications and Networking Conference (WCNC), pp. 1-6, IEEE, 2023.

Roohullah, F. Wahid, S. Ali, I. A. Abbasi, S. Baseer, and H. U. Khan, "Accident detection in autonomous vehicles using modified restricted Boltzmann machine," Security and Communication Networks, vol. 2022, no. 1, p. 6424835, 2022.

N. M. Yungaicela-Naula, C. Vargas-Rosales, and J. A. Perez-Diaz, "SDN-based architecture for transport and application layer DDoS attack detection by using machine and deep learning," Ieee Access, vol. 9, pp. 108495-108512, 2021.

H. Lin, L. Shou, K. Chen, G. Chen, and S. Wu, "FL-GUARD: A holistic framework for run-time detection and recovery of negative federated learning," Data Science and Engineering, vol. 9, no. 2, pp. 204-219, 2024.