Unsupervised Network Anomaly Detection with Autoencoders and Traffic Images
This addresses the need for efficient anomaly detection in large-scale, heterogeneous network environments, though it appears incremental by applying existing methods like autoencoders to a new data representation.
The paper tackles the problem of detecting network security anomalies in heterogeneous connected devices by proposing an image-based representation of network traffic that summarizes conditions in 1-second windows, and presents an unsupervised learning approach that effectively detects anomalies, with code and dataset made available.
Due to the recent increase in the number of connected devices, the need to promptly detect security issues is emerging. Moreover, the high number of communication flows creates the necessity of processing huge amounts of data. Furthermore, the connected devices are heterogeneous in nature, having different computational capacities. For this reason, in this work we propose an image-based representation of network traffic which allows to realize a compact summary of the current network conditions with 1-second time windows. The proposed representation highlights the presence of anomalies thus reducing the need for complex processing architectures. Finally, we present an unsupervised learning approach which effectively detects the presence of anomalies. The code and the dataset are available at https://github.com/michaelneri/image-based-network-traffic-anomaly-detection.