Network anomaly detection based on WaveNet
Kokkonen, Tero; Puuska, Samir; Alatalo, Janne; Heilimo, Eppu; Mäkelä, Antti (2019)
Kokkonen, Tero
Puuska, Samir
Alatalo, Janne
Heilimo, Eppu
Mäkelä, Antti
Editoija
Galinina, Olga
Andreev, Sergey
Balandin, Sergey
Koucheryavy, Yevgeni
Springer
2019
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi-fe2019092630082
https://urn.fi/URN:NBN:fi-fe2019092630082
Tiivistelmä
Increasing amount of attacks and intrusions against networked systems and data networks requires sensor capability. Data in modern networks, including the Internet, is often encrypted, making classical traffic analysis complicated. In this study, we detect anomalies from encrypted network traffic by developing an anomaly based network intrusion detection system applying neural networks based on the WaveNet architecture. Implementation was tested using dataset collected from a large annual national cyber security exercise. Dataset included both legitimate and malicious traffic containing modern, complex attacks and intrusions. The performance results indicated that our model is suitable for detecting encrypted malicious traffic from the datasets.