2021 IEEE International Conference on Acoustics, Speech and Signal Processing

6-11 June 2021 • Toronto, Ontario, Canada

Extracting Knowledge from Information


Paper Detail

Paper ID CHLG-2.4
Paper Title FDEN: MINING EFFECTIVE INFORMATION OF FEATURES IN DETECTING NETWORK ANOMALIES
Authors Bin Li, Yijie Wang, Mingyu Liu, Kele Xu, Zhongyang Wang, Li Cheng, Yizhou Li, National University of Defense Technology, China
Session CHLG-2: ZYELL - NCTU Network Anomaly Detection Challenge
Location Zoom
Session Time: Monday, 07 June, 13:00 - 14:45
Presentation Time: Monday, 07 June, 13:00 - 14:45
Presentation Poster
Topic Grand Challenge: ZYELL - NCTU Network Anomaly Detection Challenge
Abstract Network anomaly detection is important for detecting and reacting to the presence of network attacks. In this paper, we propose a novel method to effectively leverage the features in detecting network anomalies, named FDEn, consisting of flow-based Feature Derivation (FD) and prior knowledge incorporated Ensemble models (Enpk). To mine the effective information in features, 149 features are derived to enrich the feature set of the original data, covering more characteristics of network traffic. To leverage these features effectively, an ensemble model Enpk, including CatBoost and XGBoost, based on the bagging strategy is proposed to first detect anomalies by combining numerical features and categorical features. Then, Enpk adjusts the predicted label of specific data by incorporating the prior knowledge of network security. We conduct empirical experiments on the data set provided by the Network Anomaly Detection Challenge (NADC), in which we obtain an average improvement of up to 61.6%, 31.7%, 50.2%, and 45.0%, in terms of the cost score, precision, recall and F1-score, respectively.