Anomalous IP Address Detection on Traffic Logs Using Novel Word Embedding

Title: Anomalous IP Address Detection on Traffic Logs Using Novel Word Embedding
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Koda, S., Kambara, Y., Oikawa, T., Furukawa, K., Unno, Y., Murakami, M.
Conference Name: 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)
Date Published: jul
Keywords: anomalous IP address detection algorithm, anomaly detection, Clustering algorithms, detection performance, feature extraction, Human Behavior, IP addresses, IP networks, learning (artificial intelligence), Linear programming, Log Mining, machine learning-based anomaly detection, natural language processing, network traffic logs, pubcrawl, representative features, Resiliency, Scalability, security, security of data, telecommunication traffic, vanilla word embeddings, word embedding, word embedding techniques, word embedding-based feature extraction
Abstract: This paper presents an anomalous IP address detection algorithm for network traffic logs. It is based on word embedding techniques derived from natural language processing to extract the representative features of IP addresses. However, the features extracted from vanilla word embeddings are not always compatible with machine learning-based anomaly detection algorithms. Therefore, we developed an algorithm that enables the extraction of more compatible features of IP addresses for anomaly detection than conventional methods. The proposed algorithm optimizes the objective functions of word embedding-based feature extraction and anomaly detection, simultaneously. According to the experimental results, the proposed algorithm outperformed conventional approaches; it improved the detection performance from 0.876 to 0.990 in the area under the curve criterion in a task of detecting the IP addresses of attackers from network traffic logs.
DOI: 10.1109/COMPSAC48688.2020.00-42
Citation Key: koda_anomalous_2020