Proceedings of the Second International Conference on Intelligent Cyber Physical Systems and Internet of Things (ICoICI 2024)

IEEE Xplore Part Number : CFP24VG0-ART ; ISBN : 979-8-3315-4066-1

Enhanced Network Anomaly Detection using

Autoencoders: A Deep Learning Approach for
Proactive Cybersecurity
2024 Second International Conference on Intelligent Cyber Physical Systems and Internet of Things (ICoICI) | 979-8-3315-4066-1/24/$31.00 ©2024 IEEE | DOI: 10.1109/ICOICI62503.2024.10696845

Judy Simon Nellore Kapileswar Rajamanickam Vani

Dept. of Electronics and Communication Dept. of Electronics and Communication Dept. of Electronics and Communication
Engineering Engineering Engineering
SRM Institute of Science and SRM Institute of Science and SRM Institute of Science and
Technology, Ramapuram Technology, Ramapuram Technology, Ramapuram
Chennai, India Chennai, India Chennai, India
[email protected] [email protected] [email protected]

Narala Madhukara Reddy Dudekula Moulali Anki Reddy Narayana Reddy

Dept. of Electronics and Communication Dept. of Electronics and Communication Dept. of Electronics and Communication
Engineering Engineering Engineering
SRM Institute of Science and SRM Institute of Science and SRM Institute of Science and
Technology, Ramapuram Technology, Ramapuram Technology, Ramapuram
Chennai, India Chennai, India Chennai, India
[email protected] [email protected] [email protected]

Abstract - Anomaly detection in network traffic is core part of network traffic. This leads to adoption of machine
modern network management. It plays vital role in finding learning (ML) methods which provide capability to learn
the security threats and performance issues. Finding the and adapt the new attack patterns dynamically. Among
threats using the machine learning (ML) method provides an
many ML methods [1], deep learning method such as
efficient solution to dynamically lean normal network
autoencoder have shown significant solution in anomaly
behaviour and detect deviation indicative of anomalies. This
study proposed a Support vector machine with Autoencoder detection. Autoencoder are unsupervised neural designed
for detecting the anomalies in network traffic. Implementing to learn efficient representation of input data. By training
ML methods for threat identification improves network on normal network traffic, autoencoders can identify
security by enabling rapid response to potential threats and patterns and find deviations making them well suited for
issues. Hence this method also reducing downtime and anomaly detection tasks.
improving overall network reliability. This study indicates the
benefits of ML driven anomaly detection, highlighting its
capability to provide a proactive security posture, rapid
identification and resolution of anomalies ensuring an
efficient network infrastructure.

Keywords - Anomaly detection, Machine learning,

Support vector machine, Network security, Autoencoder

I. INTRODUCTION

The rapid expansion of digital networks has

revolutionized domains such as communications,
business operations and personal interactions. However,
this growth has also introduced significant security
challenges with cyber threats becoming increasingly
advanced and frequent methods. Anomaly detection in
network traffic is important for finding and controlling
these threats, ensuring network reliability and protecting
sensitive data. Anomalies in network traffic can be Fig. 1. General framework for anomaly detection in network
traffic
indicative of various security issues, such as
unauthorized access, data exfiltration, distributed denial- The main objectives of this research are:
of-service (DDoS) attacks, and malware infections.
➢ To develop an autoencoder-based method for
Traditional methods face challenges to managing with detecting anomalies in network traffic.
the evolving capabilities of cyber threats. Figure 1 shows ➢ To evaluate the performance of the autoencoder
the conventional method for anomaly detection in method using standard evaluation metrics.

979-8-3315-4066-1/24/$31.00 ©2024 IEEE 90

Authorized licensed use limited to: SRM Institute of Science and Technology- RamaPuram. Downloaded on November 15,2024 at 04:09:06 UTC from IEEE Xplore. Restrictions apply.
 Proceedings of the Second International Conference on Intelligent Cyber Physical Systems and Internet of Things (ICoICI 2024)
IEEE Xplore Part Number : CFP24VG0-ART ; ISBN : 979-8-3315-4066-1

➢ To compare the autoencoder's effectiveness with time applications within highly dynamic network
other machine learning techniques in anomaly environments. The integration of machine learning
detection. with spatial-temporal data analysis stands out as a
➢ To provide advancements into the practical major merit, enabling effective adaptation to network
implementation of autoencoders for real-time changes and conditions [15].
network security.
II. LITERATURE SURVEY The study [16] focuses on real-time detection of
network traffic anomalies in big data environments
To mitigate the high dimensional traffic and using deep learning methods, specifically Long Short-
overfitting issue, [2] represents a network traffic Term Memory (LSTM) and Convolutional Neural
anomaly detection method. It utilizes the chaotic Networks (CNN). It introduces a hybrid CNN-LSTM
neural network algorithm. An adaptive technique is method that processes network traffic data efficiently,
also employed to increase the performance of handling the high volume and dynamic nature of
classification and quality of data. This method reduces modern network traffic [17].
the dimension of feature and enhance the
effectiveness. It also eliminates the computational [18] represents the unsupervised learning method for
complexity. Using Gaussian mixture method, a anomaly detection in cloud. It manages the unlabelled
network traffic anomaly detection method is proposed data and also reduce the complexity. But this method
in [3]. This approach predicts and learn effectively has real time novel attack vector which leads to zero-
among normal and attack detection. But it has more day threats. Different deep learning methods for
complex on performance. A technique for anomaly network anomaly detection are employed in [19] using
detection in network traffics is proposed in [4]. The the CSE-CIC-IDS2018 dataset. It demonstrates
method utilizes Clustering methodologies with effective data preprocessing and hyperparameter
Euclidean distance calculations. This method performs tuning for accurate anomaly detection. The results
all these existing methods and showing its efficiency from these methods achieve multi-class classification
and robustness [5]. accuracies above 98%, showcasing a significant
improvement in network intrusion detection systems
The integration of SVM and Advanced support (IDS).
vector machine is introduced in [6]. This method
mitigates the issues in conventional approaches using III. PROPOSED METHODOLOGY
multiple SVMs. This method achieves in detection of This study focuses on utilizing
zero-day attack and its application [7, 8]. An Intrusion
autoencoders for anomaly detection in network traffic.
Detection System (IDS) for detecting Denial of
It involves gathering and preprocessing of network
Service (DoS) attacks in IoT networks using various
machine learning algorithms is proposed in [9]. Key traffic data, training an autoencoder method on normal
merits of this study include robust detection traffic and assessing the ability of method to identify
capabilities against DoS attacks and adaptability to the anomalies. The autoencoder in various network
IoT network configurations. However, limitations scenarios and compare it with other ML-based
might include potential overfitting with complex detection methods.
methods and the computational demand of the genetic
algorithm in real-time applications. This work 3.1 Data Collection
enhances the security of IoT networks by effectively
Collecting network traffic data from various
identifying and classifying DoS traffic [10, 11].
sources is crucial to obtain a comprehensive view of
The study [12] focuses on real-time anomaly network activity. Here are the primary sources for
detection in network traffic using Convolutional collecting network traffic data:
Neural Networks (CNN) integrated with Software
Defined Networks (SDN), addressing dynamic ➢ Routers
network configurations and preventing information ➢ Firewalls
loss in edge cluster networks. The proposed system ➢ Network analysis tools
shows high accuracy in anomaly detection, as ➢ Intrusion Detection system
highlighted by empirical results where the CNN-based ➢ Network switches
method efficiently processes and identifies anomalies ➢ Endpoints
through direct feature extraction from network traffic
[13]. A novel approach to traffic anomaly detection 3.2 Preprocessing Network Traffic Data
on road networks is proposed in [14] utilizing a
spatial-temporal graph neural network It achieves Preprocessing network traffic data is a crucial step
enhanced performance over baseline methods by to ensure that the data is clean, well-structured, and
employing a spatial-temporal representation that suitable for machine learning methods. Here are the
allows for accurate and automatic anomaly detection. detailed steps and methods used in preprocessing:
However, the method's complexity and the
computational demand could pose challenges in real-

979-8-3315-4066-1/24/$31.00 ©2024 IEEE 91

Authorized licensed use limited to: SRM Institute of Science and Technology- RamaPuram. Downloaded on November 15,2024 at 04:09:06 UTC from IEEE Xplore. Restrictions apply.
 Proceedings of the Second International Conference on Intelligent Cyber Physical Systems and Internet of Things (ICoICI 2024)
IEEE Xplore Part Number : CFP24VG0-ART ; ISBN : 979-8-3315-4066-1

➢ Removing the noise to smooth out short term Feature extraction is a crucial step in preparing data
fluctuations and indicate long term trends. for machine learning methods, particularly for tasks
➢ Linear interpolation is used to estimate the like anomaly detection in network traffic. This process
missing values based on existing dataset. involves selecting and engineering features that will
➢ Normalization methods are used to guarantee help the method identify patterns and make accurate
the uniformity across features and improve predictions.
performance of method.
Feature engineering involves creating new
features from the existing data to enhance the
method’s ability to detect anomalies. This process can
reveal hidden patterns and relationships in the data
that are not immediately apparent from the raw
features.

3.6 Classification

In the context of anomaly detection in network

traffic, selecting and training the right machine
learning methods is crucial. Support Vector Machine
(SVM) for classification is explored below.

3.6.1 Support Vector Machine (SVM)

Support Vector Machines are supervised learning

methods used for classification and regression tasks.
In anomaly detection, SVMs can classify network
traffic as normal or anomalous based on labelled data.

The main goal of an SVM is to find the optimal

hyperplane that best separates the data into different
classes (normal vs. anomalous). This hyperplane
Fig. 2. Proposed Methodology maximizes the margin between the two classes.

3.3 Labelling the Data In an n-dimensional space, a hyperplane is a flat

affine subspace of dimension n-1. For a two-
Labelling is defined as the data involves assigning a dimensional space, this is simply a line. The equation
label to each data point to show whether it is normal of a hyperplane can be written as:
or anomalous. It is important for supervised learning
methods. In this study, Automated labelling is used 𝑤. 𝑥 − 𝑏 = 0
which use predefined rules to label the data (1)
dynamically
Where W indicates weight vector which is
3.4 Feature Selection proportional to the hyper plane. b represents the bias
term while x indicates the feature vector
The feature selection indicates on finding the most
relevant features from pre-processed traffic data. The margin is defined as the distance between the
These identified features should be contributed to hyper plane and the closest data points from either
finding the threats or attackers at the time of class. The goal of SVM is to increase this margin. The
dimensionality reduction. Commonly selected features margin for a linear SVM is calculated using following
in network traffic data include: formula
2
i. Packet size 𝑀𝑎𝑟𝑔𝑖𝑛 = (2)
||𝑤||
ii. Flow duration
iii. Protocol types The following optimization problem is determined
iv. Source/Destination using optimal hyperplane
v. Timestamp 1
vi. Source and destination ports min ||𝑤||2 (3)
𝑤,𝑏 2

3.5 Feature Extraction in Network Traffic Data Subject to

𝑦𝑖 (𝑤. 𝑥𝑖 − 𝑏) ≥ 1

979-8-3315-4066-1/24/$31.00 ©2024 IEEE 92

Authorized licensed use limited to: SRM Institute of Science and Technology- RamaPuram. Downloaded on November 15,2024 at 04:09:06 UTC from IEEE Xplore. Restrictions apply.
 Proceedings of the Second International Conference on Intelligent Cyber Physical Systems and Internet of Things (ICoICI 2024)
IEEE Xplore Part Number : CFP24VG0-ART ; ISBN : 979-8-3315-4066-1

Where: 𝑧 = 𝑓(𝑥) = 𝜎(𝑊𝑒 𝑥 + 𝑏𝑒 ) (7)

𝑦𝑖 is the class label for the i th data point 𝑦𝑖 = 1 for Where:

normal and 𝑦𝑖 = −1 for anomalous). 𝑥𝑖 is the feature
vector for the i th data point. 𝑊𝑒 is the weight matrix of the encoder.

Lagrangian Dual Problem can be transformed into 𝑏𝑒 is the bias vector of the encoder.
its dual form using Lagrange multipliers: 𝜎 is the activation function (e.g., ReLU, sigmoid).
1
ℒ (𝑤, 𝑏, 𝑎) = ||𝑤||2 − ∑𝑛𝑖=1 𝛼𝑖 [𝑦𝑖 (𝑤. 𝑥𝑖 − 𝑏) − 1] Decoder: Reconstructs the input from the latent
2
(4) representation z”

Where 𝛼𝑖 ≥ are the Lagrange multipliers. 𝑥̂ − 𝑔(𝑧) = 𝜎(𝑊𝑑 𝑥 + 𝑏𝑑 ) (9)

Solving the dual problem yields the optimal weight Where:

vector w and b and the decision function for
𝑊𝑑 is the weight matrix of the decoder.
classification becomes:
𝑏𝑑 is the bias vector of the decoder.
𝑓(𝑥) = 𝑠𝑖𝑔𝑛 (𝑤. 𝑥 − 𝑏) (5)
𝑥 is the reconstructed input.
For non-linearly separable data, SVMs use kernel
functions to map the input features into higher- A common loss function for this purpose is the
dimensional spaces where a linear hyperplane can be Mean Squared Error (MSE):
found.
1
ℒ(𝑥, 𝑥̂) = ∑𝑛𝑖=1(𝑥𝑖 , 𝑥̂𝑖 ) 2 (10)
In real-world scenarios, perfect separation may not 𝑛

be possible due to noise and overlap between classes. Where:

Soft margin SVM allows some misclassifications by
introducing slack variables 𝑥𝑖 N is the number of features in the input vector x.
1
min ||𝑤||2 + 𝐶 ∑𝑛𝐼=1 𝜉𝑖 (6) 𝑥𝑖 is the i th element of the input vector.
𝑤,𝑏,𝜉 2
̂𝑥𝑖 is the i th element of the reconstructed vector.
Subject to
In order to reduce the reconstruction error across a
𝑦𝑖 (𝑤. 𝑥𝑖 − 𝑏) ≥ 1 > 1 − 𝜉𝑖 𝜉𝑖 ≥ 0, ∀𝑖 dataset of normal network traffic, autoencoder is
By applying SVM to network traffic data, traffic trained using backpropagation and gradient descent.
can be classified easily as normal or anomalous, This method learns to compress and reconstruct the
enhancing the ability to detect security threats and data efficiently at time of training. The autoencoder is
performance issues. This makes SVM a powerful tool used after training to reconstruct new network traffic
for anomaly detection in network traffic analysis. samples. The reconstruction error for each sample is
computed and anomalies are detected based on this
3.7 Deep Learning for Anomaly Detection: error.
Autoencoders
𝑅𝑒𝑐𝑜𝑛𝑠𝑡𝑟𝑢𝑐𝑡𝑖𝑜𝑛 𝑒𝑟𝑟𝑜𝑟 = ||𝑥 − 𝑥̂||2 (11)
Autoencoders are kind of unsupervised neural
network used in this study. It is especially effective A threshold 𝜏 is set based on the distribution of
for anomaly detection in network traffic. It is due to reconstruction errors on the training (normal) data.
it can learn normal traffic patterns and identify Samples with a reconstruction error exceeding this
deviations from these patterns as anomalies based on threshold are flagged as anomalies:
the reconstruction error. Aiming to learn a 1 𝑖𝑓 ||𝑥 − 𝑥̂||2
representation that captures the key features of input 𝐴𝑛𝑜𝑚𝑎𝑙𝑦 = { >𝜏 (12)
0 𝑜𝑡ℎ𝑒𝑟𝑤𝑖𝑠𝑒
data, the network is trained to reducing the
difference between input and output. By using autoencoders to learn the normal
patterns of network traffic, anomalies are detected
Let x be the input vector representing a sample of based on the reconstruction error, providing a
network traffic data. powerful tool for identifying unusual and potentially
malicious activities in network traffic data.
Transforms the input x into a latent
representation z:

979-8-3315-4066-1/24/$31.00 ©2024 IEEE 93

Authorized licensed use limited to: SRM Institute of Science and Technology- RamaPuram. Downloaded on November 15,2024 at 04:09:06 UTC from IEEE Xplore. Restrictions apply.
 Proceedings of the Second International Conference on Intelligent Cyber Physical Systems and Internet of Things (ICoICI 2024)
IEEE Xplore Part Number : CFP24VG0-ART ; ISBN : 979-8-3315-4066-1

IV. PERFORMANCE ANALYSIS

Accuracy (in %)
4.1 Dataset
1

A data is essential in this autoencoder based 0.8

threat detection because it must obtain both normal 0.6
traffic and anomaly traffic pattern. CICIDS2017
dataset is used in this study. This dataset was created 0.4
by Canadian Institute for Cybersecurity to offer 0.2
comprehensive data for assessing the intrusion Accuracy (in %)
detection system. It includes malicious network 0

SRU [15]

Methodology
HMAODL-CTC
RF+SVM [14]
traffic obtained over a month, indicating the realistic

Proposed
and modern network environment.

[18]
Key Features:

• Traffic Types: Contains both normal

(benign) and various types of attack traffic Fig. 3. Accuracy Analysis
(e.g., DDoS, Brute Force, Botnet, Web
Attacks). Figure 3 presents a comparative analysis of accuracy
• Protocols: Includes traffic from common percentages across four different methods for
protocols such as HTTP, HTTPS, FTP, anomaly detection: Spatial-Temporal Graph Neural
SSH, and more. Network, CNN-LSTM, Naive Bayes Classifier, and
• Feature Set: Over 80 features extracted the Proposed Methodology. The proposed method
from raw network traffic data using exhibits the highest accuracy at 92%, surpassing all
Cyclometer, including flow duration, other methods. This indicates that the proposed
packet size, byte rate, and more. method is the most effective in correctly identifying
• Time frame: The dataset was collected both normal and anomalous network traffic, thereby
over five days , which has different attacks demonstrating superior performance in anomaly
detection tasks.
i. Accuracy:
ii. Precision:
Accuracy is defined as the proportion of
correctly identified instances (both normal and Precision (also known as positive predictive value)
attack) among the total number of instances. It is measures the proportion of correctly identified
calculated using following formula, anomalies out of all instances identified as anomalies.
It is given by
(𝑇𝑃+𝑇𝑁)
𝐴𝑐𝑐𝑢𝑟𝑎𝑐𝑦 = (13) 𝑇𝑃
(𝑇𝑃+𝑇𝑃+𝐹𝑃+𝐹𝑁)
𝑃𝑟𝑒𝑐𝑖𝑠𝑖𝑜𝑛 = (14)
𝑇𝑃+𝐹𝑃

TABLE 1: COMPARATIVE ANALYSIS FOR ACCURACY TABLE 2: COMPARATIVE ANALYSIS FOR PRECISION
VALUES OF PROPOSED WITH EXISTING METHOD VALUES OF PROPOSED WITH EXISTING METHOD

Methods Accuracy (in %) Methods Precision (in %)

Spatial-temporal graph 0.75 Spatial-temporal graph 0.82
neural network [14] neural network [14]
CNN-LSTM [16] 0.85 CNN-LSTM [16] 0.87
Naives bayes classifier 0.89 Naives bayes classifier 0.93
[18] [18]
Proposed Methodology 0.92 Proposed Methodology 0.97

979-8-3315-4066-1/24/$31.00 ©2024 IEEE 94

Authorized licensed use limited to: SRM Institute of Science and Technology- RamaPuram. Downloaded on November 15,2024 at 04:09:06 UTC from IEEE Xplore. Restrictions apply.
 Proceedings of the Second International Conference on Intelligent Cyber Physical Systems and Internet of Things (ICoICI 2024)
IEEE Xplore Part Number : CFP24VG0-ART ; ISBN : 979-8-3315-4066-1

Precision (in %) Recall (in %)

1 1
0.8
0.8
0.6
0.6 0.4
0.4 0.2
0 Recall (in %)
0.2

SRU [15]

HMAODL-CTC

Methodology
RF+SVM [14]
Precision (in %)

Proposed
0

[18]
SRU [15]

Methodology
HMAODL-CTC
RF+SVM [14]

Proposed
[18]

Fig. 5. Recall analysis

Fig. 4. Precision analysis Figure 5 illustrates the recall values, which measure
the proportion of correctly identified anomalies out
Figure 4 shows the precision values for the same of all actual anomalies. The proposed methodology
four methods. Precision measures the proportion of achieves the highest recall at 96%, indicating its
correctly identified anomalies out of all instances superior capability to detect almost all actual
identified as anomalies. The proposed methodology anomalies in network traffic. This high recall value
achieves the highest precision at 97%, indicating its suggests that the proposed method effectively
superior ability to accurately detect anomalies with minimizes false negatives, ensuring that most of the
minimal false positives. This high precision suggests anomalies present in the network traffic are detected.
that the proposed method is highly effective in
correctly identifying true positive anomalies, reducing iv. F1 Score:
the rate of false alarms.
F1-score is defined as the mean value between
iii. Recall: precision and recall, offering a balance between
among these two. It is calculated by,
Recall (also known as sensitivity or true positive
𝑃𝑟𝑒𝑐𝑖𝑠𝑖𝑜𝑛+𝑅𝑒𝑐𝑎𝑙𝑙
rate) measures the proportion of correctly identified 𝑓1 𝑠𝑐𝑜𝑟𝑒 = 2 ∗ (16)
𝑃𝑟𝑒𝑐𝑖𝑠𝑖𝑜𝑛∗𝑅𝑒𝑐𝑎𝑙𝑙
anomalies out of all actual anomalies. It is given by
high recall indicates a low number of false negatives.
𝑇𝑃 TABLE 4: COMPARATIVE ANALYSIS FOR F1-SCORE
𝑅𝑒𝑐𝑎𝑙𝑙 = (15) VALUES OF PROPOSED WITH EXISTING METHOD
𝑇𝑃+𝐹𝑁

Methods F1-score (in %)

TABLE 3: COMPARATIVE ANALYSIS FOR RECALL
VALUES OF PROPOSED WITH EXISTING METHOD Spatial-temporal graph 0.65
neural network [14]
Methods Recall (in %)
Spatial-temporal graph 0.76 CNN-LSTM [16] 0.79
neural network [14] Naives bayes classifier [18] 0.88
CNN-LSTM [16] 0.85 Proposed Methodology 0.93
Naives bayes classifier 0.89
[18]
Proposed Methodology 0.96

979-8-3315-4066-1/24/$31.00 ©2024 IEEE 95

Authorized licensed use limited to: SRM Institute of Science and Technology- RamaPuram. Downloaded on November 15,2024 at 04:09:06 UTC from IEEE Xplore. Restrictions apply.
 Proceedings of the Second International Conference on Intelligent Cyber Physical Systems and Internet of Things (ICoICI 2024)
IEEE Xplore Part Number : CFP24VG0-ART ; ISBN : 979-8-3315-4066-1

[5] Simon, J., Kapileswar, N., Phani Kumar, P. and Aarthi Elaveini,
F1-score (in %) M., 2024. Improved geographic opportunistic routing protocol
for void hole elimination in underwater IoTs: Parameter tuning
1 by TSA optimization. International Journal of Communication
0.8 Systems, 37(3), p.e5659.
[6] Pradeep, S. And Geetha, A., 2024. Advanced Support Vector
0.6 Machine Based Aggregation Method for Network Anomaly
0.4 Detection. Journal Of Basic Science and Engineering, 21(1),
Pp.1442-1452.
0.2
[7] Murugan, K.S., Sudharsanam, V., Padmavathi, B., Simon, J.,
0 F1-score (in %)
Jacintha, V. and Sumathi, K., 2020, November. BER analysis of
HMAODL-CTC
SRU [15]

Methodology
RF+SVM [14]

40 Gbps Ro-FSO communication system for 5 G applications

Proposed

under Fog weather conditions. In 2020 IEEE 7th Uttar Pradesh

Section International Conference on Electrical, Electronics and
[18]

Computer Engineering (UPCON) (pp. 1-6). IEEE.

[8] Velmurugan, L., Raghuraj, G. and Simon, J., 2017, December.
Google glass based GPS navigation using smartwatch. In 2017
IEEE International Conference on Computational Intelligence
and Computing Research (ICCIC) (pp. 1-5). IEEE
Fig. 6. F1-Score analysis
[9] Altulaihan, E., Almaiah, M.A. and Aljughaiman, A., 2024.
Anomaly Detection IDS for Detecting DoS Attacks in IoT
Figure 6 presents the F1-score, which is the
Networks Based on Machine Learning
harmonic mean of precision and recall, providing a Algorithms. Sensors, 24(2), p.713.
balance between these two metrics. The proposed [10] Simon, J. and Kumar, A.N., 2021. A novel signal processing
methodology achieves the highest F1-score at 93%, based driver drowsiness detection system. Journal of IoT in
Social, Mobile, Analytics, and Cloud, 3(3), pp.176-190.
indicating its efficient performance in both precision
[11] Nellore, K., Palepu, V.S., Palepu, M.R.D. and Chenchela, V.K.,
and recall. This balance ensures that the method is 2016. Improving the lifespan of wireless sensor network via
reliable and effective in identifying anomalies in efficient carrier sensing scheme-CSMA/SDF. Int. J. Eng. Sci.
network traffic, making it a robust tool for network Res. Technol, 5, pp.723-732.
[12] Liu, H. and Wang, H., 2023. Real-time anomaly detection of
security.
network traffic based on CNN. Symmetry, 15(6), p.1205.
[13] Kapileswar, N., Kumar, P.P., Reddy, N.U., Teja, D.P.S., Rajam,
V. CONCLUSION
V.S. and Reddy, B.A.J., 2020, October. Adaptive OFDM non-
uniform modulation for underwater acoustic communication.
This research proposed an anomaly finding in In 2020 5th International Conference on Computing,
network traffic using autoencoder. It represents an Communication and Security (ICCCS) (pp. 1-7). IEEE.
advancements in finding and controlling the cyber [14] Zhang, H., Zhao, S., Liu, R., Wang, W., Hong, Y. and Hu, R.,
threats. By utilizing the autoencoders, the proposed 2022. Automatic Traffic Anomaly Detection on the Road
Network with Spatial‐Temporal Graph Neural Network
method effectively learns the normal traffic patterns Representation Learning. Wireless Communications and Mobile
and find deviations, which shows the potential threats. Computing, 2022(1), p.4222827.
Evaluation are conducted for proposed method across [15] Menon, N.G., Shrivastava, A., Bhavana, N.D. and Simon, J.,
existing methods using relevant metrics. The 2021, November. Deep learning based transcribing and
summarizing clinical conversations. In 2021 Fifth International
performance evaluation shows that the proposed Conference on I-SMAC (IoT in Social, Mobile, Analytics and
method has outperforms all the existing method and Cloud)(I-SMAC) (pp. 358-365). IEEE.
indicating its efficiency. Hence, this study shows that [16] Arjunan, T., 2024. Real-Time Detection of Network Traffic
the proposed method is a protective approach to threat Anomalies in Big Data Environments Using Deep Learning
Models. International Journal for Research in Applied Science
identification and network reliability. It is also and Engineering Technology, 12(9), pp.10-22214.
considered as enhancing network security. [17] Kumar, P.P., Simon, J., Devi, K.D., Elaveini, M.A. and
Kapileswar, N., 2023. Enhanced Traffic Management for
REFERENCES Emergency Vehicle Information Transmission using Wireless
Sensor Networks. Procedia Computer Science, 230, pp.798-807.
[1] Reddy, N.U., Kumar, P.V., Kapileswar, N., Simon, J. and [18] Sherubha, P., Sasirekha, S.P., Anguraj, A.D.K., Rani, J.V., Anitha,
Kumar, P.P., 2022, November. A Prediction Model for R., Praveen, S.P. and Krishnan, R.H., 2023. An Efficient
Minimization of Flood Effects using Machine Learning Unsupervised Learning Approach for Detecting Anomaly in
Algorithms. IEEE Sixth International Conference on I-SMAC Cloud. Comput. Syst. Sci. Eng., 45(1), pp.149-166.
(IoT in Social, Mobile, Analytics and Cloud)(I-SMAC), pp. [19] Wang, Y.C., Houng, Y.C., Chen, H.X. and Tseng, S.M., 2023.
593-597, 2022. Network anomaly intrusion detection based on deep learning
[2] Sheng, S. and Wang, X., 2023. Network traffic anomaly approach. Sensors, 23(4), p.2171.
detection method based on chaotic neural network. Alexandria
Engineering Journal, 77, pp.567-579.
[3] Yu, B., Zhang, Y., Xie, W., Zuo, W., Zhao, Y. and Wei, Y.,
2023. A network traffic anomaly detection method based on
Gaussian mixture model. Electronics, 12(6), p.1397.
[4] Feng, Y., Cai, W., Yue, H., Xu, J., Lin, Y., Chen, J. and Hu, Z.,
2022. An improved X-means and isolation forest based
methodology for network traffic anomaly detection. Plos
one, 17(1), p.e0263423.

979-8-3315-4066-1/24/$31.00 ©2024 IEEE 96

Authorized licensed use limited to: SRM Institute of Science and Technology- RamaPuram. Downloaded on November 15,2024 at 04:09:06 UTC from IEEE Xplore. Restrictions apply.