[Back]

D. Ferreira, F. Iglesias Vazquez, T. Zseby:
"Extreme Dimensionality Reduction for Network Attack Visualization with Autoencoders";
Talk: International Joint Conference on Neural Networks IJCNN, Budapest; 07-14-2019 - 07-19-2019; in: "Proceedings of the 2019 International Joint Conference on Neural Networks (IJCNN)", (2019), ISSN: 2161-4393; 1 - 10.

The visualization of network traffic flows is an
open problem that affects the control and administration of
communication networks. Feature vectors used for representing
traffic commonly have from tens to hundreds of dimensions
and hardly tolerate visual conceptualizations. In this work we
use neural networks to obtain extremely low-dimensional data
representations that are meaningful from an attack-detection
perspective. We focus on a simple Autoencoder architecture,
as well as an extension that benefits from pre-knowledge, and
evaluate their performances by comparing them with reductions
based on Principal Component Analysis and Linear Discriminant
Analysis. Experiments are conducted with a modern Intrusion
Detection dataset that collects legitimate traffic mixed with a
wide variety of attack classes. Results show that feature spaces
can be strongly reduced up to two dimensions with tolerable
classification degradation while providing a clear visualization of
the data. Visualizing traffic flows in two-dimensional spaces is
extremely useful to understand what is happening in networks,
also to enhance and refocus classification, trigger refined analysis,
and aid the security experts´ decision-making. We additionally
developed a tool prototype that covers such functions, therefore
supporting the optimization of network traffic attack detectors
in both design and application phases.

autoencoders; neural networks; dimensionality reduction; network traffic analysis

http://dx.doi.org/10.1109/IJCNN.2019.8852056

https://ieeexplore.ieee.org/document/8852056