Computer networks anomaly detection by using PCA & pattern recognition

Document Type: Original Article

Authors

1 Master Science of Computer Networks, Shomal University, Amol, Iran

2 Department of Computer Science, Iran University of Science and Technology, Tehran, Iran

Abstract
The detection of anomalies in computer networks is one of the most considerable challenges that experts in this field face today. Thus far, different artificial intelligence methods and algorithms have been proposed, tested, and used for detecting these anomalies. However, efforts to improve the speed and accuracy of the detection process are ongoing. In this research, pattern recognition based on artificial neural networks is applied to automatically detect anomalies in computer networks. To increase the speed of the neural-network-based pattern recognition, the principal component analysis algorithm is used to reduce the dimension of the training samples. The simulation results for the proposed methods show that reducing the dimension of the training samples with the principal component analysis algorithm and then applying neural-network-based pattern recognition leads to high-speed (less than 10 seconds) and high-accuracy (99-100%) detection of anomalies in computer networks.


Volume 6, Issue 2
Spring 2025
Pages 77-91

  • Receive Date 30 January 2025
  • Accept Date 24 April 2025