Skip to main content
Springer Nature Link
Log in

A novel fusion feature imageization with improved extreme learning machine for network anomaly detection

  • Published:
Applied Intelligence Aims and scope Submit manuscript

Abstract

As the complexity and quantity of network data continue to increase, accurate and efficient anomaly detection methods become critical. Deep learning-based methods are suitable for real-time detection because they leverage neural networks to efficiently process massive amounts of data. However, for complex network environments and unknown threats, it is difficult to acquire balanced datasets for training, resulting in low model accuracy. Moreover, in a large-scale network environment, the model training process is complicated and resource-consuming, ignoring the important information hidden behind the data and poor scalability. To address these issues, we develop a novel network anomaly detection method that integrates fused feature imageization with an enhanced extreme learning machine, termed GMD-DELM. The network data stream features are transformed into images by an adaptive transformation method, generating a feature representation with highly enhanced data recognition capability. In addition, a ResNeXt network embedded with an attention mechanism is used to extract high-level features from images, enhancing the ability of deep learning networks to extract important features from network streams. Finally, we implement a network anomaly detection method established on an improved adaptive differential evolution kernel extreme learning machine. The experimental results demonstrate that the proposed model achieves notable enhancements achieved by the proposed model in reducing feature redundancy and improving accuracy compared to existing network anomaly detection models. Furthermore, our model exhibits improved stability and robustness in detecting corrupted network data containing noise.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Algorithm 1
Fig. 3
Algorithm 2
Algorithm 3
Fig. 4
Fig. 5

Similar content being viewed by others

Explore related subjects

Discover the latest articles, news and stories from top researchers in related subjects.

Data Availability

The datasets generated during and/or analysed during the current study are available from the corresponding author on reasonable request.

References

  1. Mehedi ST, Anwar A, Rahman Z, Ahmed K, Islam R (2022) Dependable intrusion detection system for iot: a deep transfer learning based approach. IEEE Trans Ind Inform 19:1006–1017

    Article  Google Scholar 

  2. Javaheri D, Gorgin S, Lee J-A, Masdari M (2023) Fuzzy logic-based ddos attacks and network traffic anomaly detection methods: classification, overview, and future perspectives. Inf Sci 626:315–338

    Article  Google Scholar 

  3. Sood K, Nosouhi MR, Nguyen DDN, Jiang F, Chowdhury M, Doss R (2023) Intrusion detection scheme with dimensionality reduction in next generation networks. IEEE Trans Inf Forensics Secur 18:965–979

    Article  Google Scholar 

  4. Ding C, Sun S, Zhao J (2023) Mst-gat: a multimodal spatial–temporal graph attention network for time series anomaly detection. Inf Fusion 89:527–536

    Article  Google Scholar 

  5. Aldweesh A, Derhab A, Emam AZ (2020) Deep learning approaches for anomaly-based intrusion detection systems: a survey, taxonomy, and open issues. Knowl-Based Syst 189:105124

    Article  Google Scholar 

  6. Al-Yaseen WL, Idrees AK, Almasoudy FH (2022) Wrapper feature selection method based differential evolution and extreme learning machine for intrusion detection system. Pattern Recognit 132:108912

    Article  Google Scholar 

  7. Hassan MM, Gumaei A, Alsanad A, Alrubaian M, Fortino G (2020) A hybrid deep learning model for efficient intrusion detection in big data environment. Inf Sci 513:386–396

    Article  Google Scholar 

  8. Mirsky Y, Doitshman T, Elovici Y, Shabtai A (2018) Kitsune: an ensemble of autoencoders for online network intrusion detection. arXiv:1802.09089

  9. Imrana Y, Xiang Y, Ali L, Abdul-Rauf Z (2021) A bidirectional lstm deep learning approach for intrusion detection. Expert Syst Appl 185:115524

    Article  Google Scholar 

  10. Pang G, Hengel A, Shen C, Cao L (2021) Toward deep supervised anomaly detection: reinforcement learning from partially labeled anomaly data. In: Proceedings of the 27th ACM SIGKDD conference on knowledge discovery & data mining, pp 1298–1308

  11. Selvakumar K, Karuppiah M, SaiRamesh L, Islam SH, Hassan MM, Fortino G, Choo K-KR (2019) Intelligent temporal classification and fuzzy rough set-based feature selection algorithm for intrusion detection system in wsns. Inf Sci 497:77–90

    Article  Google Scholar 

  12. Zhang Z, Zhou F, Karimi HR, Fujita H, Hu X, Wen C, Wang T (2023) Attention gate guided multiscale recursive fusion strategy for deep neural network-based fault diagnosis. Eng Appl Artif Intell 126:107052

    Article  Google Scholar 

  13. Lopez-Martin M, Carro B, Sanchez-Esguevillas A (2020) Application of deep reinforcement learning to intrusion detection for supervised problems. Expert Syst Appl 141:112963

    Article  Google Scholar 

  14. Choraś M, Pawlicki M (2021) Intrusion detection approach based on optimised artificial neural network. Neurocomputing 452:705–715

    Article  Google Scholar 

  15. Gu J, Lu S (2021) An effective intrusion detection approach using svm with naïve bayes feature embedding. Comput Secur 103:102158

    Article  Google Scholar 

  16. Ren H, Tang Y, Dong W, Ren S, Jiang L (2023) Duen: dynamic ensemble handling class imbalance in network intrusion detection. Expert Syst Appl 229:120420

    Article  Google Scholar 

  17. Kanna PR, Santhi P (2021) Unified deep learning approach for efficient intrusion detection system using integrated spatial-temporal features. Knowl-Based Syst 226:107132

    Article  Google Scholar 

  18. Li Z, Xiang Z, Gong W, Wang H (2022) Unified model for collective and point anomaly detection using stacked temporal convolution networks. Appl Intell 52:3118–3131

    Article  Google Scholar 

  19. Pingale SV, Sutar SR (2022) Remora whale optimization-based hybrid deep learning for network intrusion detection using cnn features. Expert Syst Appl 210:118476

    Article  Google Scholar 

  20. Basati A, Faghih MM (2022) Pdae: efficient network intrusion detection in iot using parallel deep auto-encoders. Inf Sci 598:57–74

    Article  Google Scholar 

  21. SaiSindhuTheja R, Shyam GK (2021) An efficient metaheuristic algorithm based feature selection and recurrent neural network for dos attack detection in cloud computing environment. Appl Soft Comput 100:106997

    Article  Google Scholar 

  22. Andresini G, Appice A, Malerba D (2021) Autoencoder-based deep metric learning for network intrusion detection. Inf Sci 569:706–727

    Article  MathSciNet  Google Scholar 

  23. Yang L, Song Y, Gao S, Hu A, Xiao B (2022) Griffin: real-time network intrusion detection system via ensemble of autoencoder in sdn. IEEE Trans Netw Serv Manag 19:2269–2281

    Article  Google Scholar 

  24. Andresini G, Appice A, De Rose L, Malerba D (2021) Gan augmentation to deal with imbalance in imaging-based intrusion detection. Future Gener Comput Syst 123:108–127

    Article  Google Scholar 

  25. Zhang Z, Zhou F, Zhang C, Wen C, Hu X, Wang T (2023) A personalized federated learning-based fault diagnosis method for data suffering from network attacks. Appl Intell 53:22834–22849

    Article  Google Scholar 

  26. Zhou F, Liu S, Fujita H, Hu X, Zhang Y, Wang B, Wang K (2024) Fault diagnosis based on federated learning driven by dynamic expansion for model layers of imbalanced client. Expert Syst Appl 238:121982

    Article  Google Scholar 

  27. Liu Y, Garg S, Nie J, Zhang Y, Xiong Z, Kang J, Hossain MS (2021) Deep anomaly detection for time-series data in industrial iot: a communication-efficient on-device federated learning approach. IEEE Internet Things J 8:6348–6358

    Article  Google Scholar 

  28. Li B, Wu Y, Song J, Lu R, Li T, Zhao L (2021) Deepfed: federated deep learning for intrusion detection in industrial cyber-physical systems. IEEE Trans Ind Inform 17:5615–5624

  29. Mohiuddin G, Lin Z, Zheng J, Wu J, Li W, Fang Y, Wang S, Chen J, Zeng X (2023) Intrusion detection using hybridized meta-heuristic techniques with weighted xgboost classifier. Expert Syst Appl 232:120596

    Article  Google Scholar 

  30. He J, Chen W, Li T, Li B, Zhu YB, Huang MG (2021) Hd-nsa: a real-valued negative selection algorithm based on hierarchy division. Appl Soft Comput 112:107726

    Article  Google Scholar 

  31. Mohammadian H, Ghorbani AA, Lashkari AH (2023) A gradient-based approach for adversarial attack on deep learning-based network intrusion detection systems. Appl Soft Comput 137:110173

    Article  Google Scholar 

  32. Wang Y, Yu Z, Zhu L (2023) Intrusion detection for high-speed railways based on unsupervised anomaly detection models. Appl Intell 53:8453–8466

    Article  Google Scholar 

  33. Bai J, Li Y, Li J, Yang X, Jiang Y, Xia S-T (2022) Multinomial random forest. Pattern Recognit 122:108331

    Article  Google Scholar 

  34. Kan X, Fan Y, Fang Z, Cao L, Xiong NN, Yang D, Li X (2021) A novel iot network intrusion detection approach based on adaptive particle swarm optimization convolutional neural network. Inf Sci 568:147–162

    Article  MathSciNet  Google Scholar 

  35. Sohn I (2021) Deep belief network based intrusion detection techniques: a survey. Expert Syst Appl 167:114170

    Article  Google Scholar 

  36. Wang J, Jin H, Chen J, Tan J, Zhong K (2022) Anomaly detection in internet of medical things with blockchain from the perspective of deep neural network. Inf Sci 617:133–149

    Article  Google Scholar 

  37. Guo D, Liu Z, Li R (2023) Regraphgan: a graph generative adversarial network model for dynamic network anomaly detection. Neural Netw 166:273–285

    Article  Google Scholar 

  38. Shu W, Cai K, Xiong NN (2021) A short-term traffic flow prediction model based on an improved gate recurrent unit neural network. IEEE Trans Intell Transp Syst 23:16654–16665

    Article  Google Scholar 

Download references

Acknowledgements

This work was supported by the National Key Research and Development Program of China (2020YFB1805400, 2023YFB3106900), and the National Natural Science Foundation of China (62372334).

Author information

Authors and Affiliations

  1. Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan, China

    Geying Yang, Jinyu Wu, Lina Wang, Qinghao Wang, Xiaowen Liu & Jie Fu

Authors
  1. Geying Yang
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Jinyu Wu
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Lina Wang
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. Qinghao Wang
    View author publications

    You can also search for this author inPubMed Google Scholar

  5. Xiaowen Liu
    View author publications

    You can also search for this author inPubMed Google Scholar

  6. Jie Fu
    View author publications

    You can also search for this author inPubMed Google Scholar

Contributions

Geying Yang: Methodology, Writing – original draft, Writing – review & editing. Jinyu Wu: Conceptualization, Writing – review & editing. Lina Wang: Conceptualization, Supervision, Writing – review. Qinghao Wang: Software, Data curation, Validation, Xiaowen Liu: Software, Data curation, Validation, Jie Fu: Software, Data curation, Validation.

Corresponding author

Correspondence to Lina Wang.

Ethics declarations

Conflict of Interests

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Ethical and Informed Consent for Data Used

All datasets used in this paper are public datasets, which can be downloaded through public channels upon request.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Yang, G., Wu, J., Wang, L. et al. A novel fusion feature imageization with improved extreme learning machine for network anomaly detection. Appl Intell 54, 9313–9329 (2024). https://doi.org/10.1007/s10489-024-05673-x

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10489-024-05673-x

Keywords