Volume 12 - Issue 1
Machine Learning Based Approach to Anomaly and Cyberattack Detection in Streamed Network Traffic Data
- Mikolaj Komisarek
ITTI Sp. z o.o., Poznan, Poland, UTP University Of Science And Technology, Bydgoszcz, Poland
- Marek Pawlicki
ITTI Sp. z o.o., Poznan, Poland, UTP University Of Science And Technology, Bydgoszcz, Poland
mpawlicki@itti.com.pl
- Rafal Kozik
ITTI Sp. z o.o., Poznan, Poland, UTP University Of Science And Technology, Bydgoszcz, Poland
- Michal Choras
FernUniversitat in Hagen, Germany, UTP University Of Science And Technology, Bydgoszcz, Poland
Keywords: machine learning, stream processing, intrusion detection
Abstract
In this paper, the performance of a solution providing stream processing is evaluated, and its accuracy
in the classification of suspicious flows in simulated network traffic is investigated. The concept
of the solution is fully disclosed along with its initial evaluation in a real-world environment. The
proposition features Apache Kafka for efficient communication among different applications, along
with Elasticsearch and Kibana as storage and visualisation solutions. At the heart of the engine are
machine learning algorithms implemented using the TensorFlow library, providing the cutting edge
in network intrusion detection. The tool allows easy definition of streams and implementation of any
machine learning algorithm.