Temporal Analysis of NetFlow Datasets for Network Intrusion Detection Systems

• URL: http://arxiv.org/abs/2503.04404v2
• Date: Sun, 09 Mar 2025 07:31:18 GMT
• Title: Temporal Analysis of NetFlow Datasets for Network Intrusion Detection Systems
• Authors: Majed Luay, Siamak Layeghy, Seyedehfaezeh Hosseininoorbin, Mohanad Sarhan, Nour Moustafa, Marius Portmann,
• Abstract summary: This paper investigates the temporal analysis of NetFlow datasets for machine learning (ML)-based network intrusion detection systems (NIDS)<n>We provide a comprehensive temporal analysis of NetFlow datasets by examining the distribution of various features over time.<n>Results indicate that many attacks have unique patterns, which could help ML models to identify them more easily.
• Score: 8.629760514294446
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: This paper investigates the temporal analysis of NetFlow datasets for machine learning (ML)-based network intrusion detection systems (NIDS). Although many previous studies have highlighted the critical role of temporal features, such as inter-packet arrival time and flow length/duration, in NIDS, the currently available NetFlow datasets for NIDS lack these temporal features. This study addresses this gap by creating and making publicly available a set of NetFlow datasets that incorporate these temporal features [1]. With these temporal features, we provide a comprehensive temporal analysis of NetFlow datasets by examining the distribution of various features over time and presenting time-series representations of NetFlow features. This temporal analysis has not been previously provided in the existing literature. We also borrowed an idea from signal processing, time frequency analysis, and tested it to see how different the time frequency signal presentations (TFSPs) are for various attacks. The results indicate that many attacks have unique patterns, which could help ML models to identify them more easily.

Related papers

• A Distance Correlation-Based Approach to Characterize the Effectiveness of Recurrent Neural Networks for Time Series Forecasting [1.9950682531209158]
  We provide an approach to link time series characteristics with RNN components via the versatile metric of distance correlation. We empirically show that the RNN activation layers learn the lag structures of time series well. We also show that the activation layers cannot adequately model moving average and heteroskedastic time series processes.
  arXiv  Detail & Related papers  (2023-07-28T22:32:08Z)
• Network Traffic Classification based on Single Flow Time Series Analysis [0.0]
  We propose a novel flow extension for traffic features based on the time series analysis of the Single Flow Time series. We have demonstrated the usability and achieves of the proposed feature vector for various network traffic classification tasks using 15 well-known publicly available datasets.
  arXiv  Detail & Related papers  (2023-07-25T12:00:48Z)
• Multivariate Time Series Classification: A Deep Learning Approach [1.0742675209112622]
  This paper investigates different methods and various neural network architectures applicable in the time series classification domain. Data is obtained from a fleet of gas sensors that measure and track quantities such as oxygen and sound. With the help of this data, we can detect events such as occupancy in a specific environment.
  arXiv  Detail & Related papers  (2023-07-05T12:50:48Z)
• How neural networks learn to classify chaotic time series [77.34726150561087]
  We study the inner workings of neural networks trained to classify regular-versus-chaotic time series. We find that the relation between input periodicity and activation periodicity is key for the performance of LKCNN models.
  arXiv  Detail & Related papers  (2023-06-04T08:53:27Z)
• HyperTime: Implicit Neural Representation for Time Series [131.57172578210256]
  Implicit neural representations (INRs) have recently emerged as a powerful tool that provides an accurate and resolution-independent encoding of data. In this paper, we analyze the representation of time series using INRs, comparing different activation functions in terms of reconstruction accuracy and training convergence speed. We propose a hypernetwork architecture that leverages INRs to learn a compressed latent representation of an entire time series dataset.
  arXiv  Detail & Related papers  (2022-08-11T14:05:51Z)
• SimHawNet: A Modified Hawkes Process for Temporal Network Simulation [12.403827785443928]
  We propose a new framework for generative models of continuous-time temporal networks.<n>SimHawNet enables simulation of the evolution of temporal networks in continuous time.
  arXiv  Detail & Related papers  (2022-03-14T16:40:57Z)
• Novel Features for Time Series Analysis: A Complex Networks Approach [62.997667081978825]
  Time series data are ubiquitous in several domains as climate, economics and health care. Recent conceptual approach relies on time series mapping to complex networks. Network analysis can be used to characterize different types of time series.
  arXiv  Detail & Related papers  (2021-10-11T13:46:28Z)
• Online learning of windmill time series using Long Short-term Cognitive Networks [58.675240242609064]
  The amount of data generated on windmill farms makes online learning the most viable strategy to follow. We use Long Short-term Cognitive Networks (LSTCNs) to forecast windmill time series in online settings. Our approach reported the lowest forecasting errors with respect to a simple RNN, a Long Short-term Memory, a Gated Recurrent Unit, and a Hidden Markov Model.
  arXiv  Detail & Related papers  (2021-07-01T13:13:24Z)
• Temporal and Object Quantification Networks [95.64650820186706]
  We present a new class of neuro-symbolic networks with a structural bias that enables them to learn to recognize complex relational-temporal events. We demonstrate that TOQ-Nets can generalize from small amounts of data to scenarios containing more objects than were present during training and to temporal warpings of input sequences.
  arXiv  Detail & Related papers  (2021-06-10T16:18:21Z)
• Meta-Learning for Koopman Spectral Analysis with Short Time-series [49.41640137945938]
  Existing methods require long time-series for training neural networks. We propose a meta-learning method for estimating embedding functions from unseen short time-series. We experimentally demonstrate that the proposed method achieves better performance in terms of eigenvalue estimation and future prediction.
  arXiv  Detail & Related papers  (2021-02-09T07:19:19Z)
• Multivariate Time Series Classification Using Spiking Neural Networks [7.273181759304122]
  Spiking neural network has drawn attention as it enables low power consumption. We present an encoding scheme to convert time series into sparse spatial temporal spike patterns. A training algorithm to classify spatial temporal patterns is also proposed.
  arXiv  Detail & Related papers  (2020-07-07T15:24:01Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.