Machine Learning Based Approach to Anomaly and Cyberattack Detection in Streamed Network Traffic Data

Mikołaj Komisarek1,3, Marek Pawlicki1,3+, Rafał Kozik1,3 and Michał Choraś2,3
 

1ITTI Sp. z o.o., Poznan, Poland 

2FernUniversitat in Hagen, Germany 

3UTP University Of Science And Technology, Bydgoszcz, Poland  

 

 

Abstract

In this paper, the performance of a solution providing stream processing is evaluated, and its accuracy in the classification of suspicious flows in simulated network traffic is investigated. The concept of the solution is fully disclosed along with its initial evaluation in a real-world environment. The proposition features Apache Kafka for efficient communication among different applications, along with Elasticsearch and Kibana as storage and visualisation solutions. At the heart of the engine are machine learning algorithms implemented using the TensorFlow library, providing the cutting edge in network intrusion detection. The tool allows easy definition of streams and implementation of any machine learning algorithm.

Keywords: machine learning, stream processing, intrusion detection

 

+: Corresponding author: Marek Pawlicki
ITTI Sp. z o.o., Rubiez 46, 61-612 Poznan, Poland,
Tel: +48-616226985,
Email: mpawlicki@itti.com.pl, Web: https://www.itti.com.pl

 

Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Vol. 12, No. 1, pp. 3-19, March 2021

Received: December 22, 2020; Accepted: February 18, 2021; Published: March 31, 2021

DOI: 10.22667/JOWUA.2021.03.31.003