Network attack classification framework based on Autoencoder model and online stream analysis technology


  • Nguyen Viet Hung
  • Dang Thi Mai
  • Ngo Thanh Tung



network attack detection, online stream processing, autoencoder, network data representation

Tóm tắt

Abstract— To deal with diverse and constantly changing forms of cyberattacks, machine learning methods have been researched and applied extensively in network data processing for positive results in network attack detection. However, machine learning models require extensive computational resources and their application to handle significant real-time data flow monitoring problems still needs improvement. In this paper, we research and propose a network attack detection framework using a 2-stage classification algorithm with an Autoencoder model, integrating online stream processing technology based on Apache Kafka and Spark technology. The results show that the proposed framework has high efficiency in detecting network attacks and faster processing time than traditional data processing technology.


Download data is not yet available.


A. Chidukwani, S. Zander and P. Koutsakis, “A Survey on the Cyber Security of Small-to-Medium Businesses: Challenges, Research Focus and Recommendations,” in IEEE Access, vol. 10, pp. 85701-85719, 2022, doi: 10.1109/ACCESS.2022.3197899.

A. Halbouni, T. S. Gunawan, M. H. Habaebi, M. Halbouni, M. Kartiwi and R. Ahmad, “Machine Learning and Deep Learning Approaches for CyberSecurity: A Review,” in IEEE Access, vol. 10, pp. 19572-19585, 2022, doi: 10.1109/ACCESS.2022.3151248.

R. P. Krupani, M. G. Aditya, C. S. Prithvi Raghavan and H. S. Gururaja, “Big Data Cybersecurity Monitoring System using Machine Learning,” 2021 International Conference on Forensics, Analytics, Big Data, Security (FABS), Bengaluru, India, 2021, pp. 1-7, doi: 10.1109/FABS52071.2021.9702637.

Clay. P. - “A modern threat response framework”, Network Security, v.2015, n. 4, pp. 5(October 2015).

IBM report - “Cost of a data breach 2022” - - Last Visited: 7/3/2023.

COLUCCIO, R., Ghidini, G., REALE, A., et al. “Online stream processing of machine-to-machine communications traffic: A platform comparison”. In: IEEE Symposium on Computers and Communication (ISCC), pp. 1{7, 6 2014. doi: 10.1109/ISCC.2014.6912528.

Hu P., Li, H., Fu, H., et al. “Dynamic defense strategy against advanced persistent threat with insiders.” In: 2015 IEEE Conference on Computer Communications (INFOCOM), pp. 747.

Paxson V. “Bro: a system for detecting network intruders in real-time”, Computer Networks, v. 31, n. 23-24, pp. 2435.

Bar A., Finamore A., Casas, P., et al. “Large-scale network traffic monitoring with DBStream, a system for rolling big data analysis.” In: 2014 IEEE International Conference on Big Data (Big Data), pp. 165{170. IEEE, 10 2014. ISBN: 978-1- 4799-5666-1. doi: 10.1109/BigData.2014.7004227.

Stonebraker M.,Etintemel U., Zdonik, S. “The 8 requirements of real-time stream processing”, ACM SIGMOD Record, v. 34, n. 4, pp. 42{ 47, 12 2005. ISSN: 01635808. doi : 10.1145/1107499.1107504.

S plunk Buys Another Startup, Launches Mission Control - - Last Accessed 6/7 2020.

Dimensionality reduction for machine learning based iot botnet detection, H. Bahsi, S. Nomm, and FBL Torre, in 15th International Conference on Control, Automation, Robotics and Vision, ICARCV 2018, Singapore, November 18-21 , 2018, pp . 1857-1862.

Unsupervised anomaly based botnet detection in iot networks, S. Nomm and H. Bahsi, in 17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018, Orlando, FL, USA, December 17-20, 2018, 2018, pp. 1048–1053.

G. Pang, C. Shen, L. Cao, and A. Van Den Hengel, “Deep Learning for Anomaly Detection: A Review,” ACM Computing Surveys, vol. 54, no. 2. Association for Computing Machinery, Apr. 01, 2021, doi: 10.1145/3439950.

R. Kumar and R. Verma, (2012), “Classification algorithms for data mining: A survey”, International Journal of Innovations in Engineering and Technology (IJIET), [7-14].

Adnan Mohsin Abdulazeez, (2021), “Classification Based on Decision Tree Algorithm for Machine Learning”, Journal of Applied Science and Technology Trends.

Dianne SV Medeiros; Helio N. Cunha Neto; Martin Andreoni Lopez, (2020), “A survey on data analysis on large-Scale wireless networks: online stream processing, trends, and challenges”, Journal of Internet Services and Applications.

Haruna Isah; Tariq Abughofa; Sazia Mahfuz; Dharmitha Ajerla; Farhana Zulkernine; Shahzad Khan, (2019), “A Survey of Distributed Data Stream Processing Frameworks”, IEEE Access, 7, 154300 – 154316.

Meijuan Gao, Jingwen Tian, Mingping Xia, Intrusion Detection Method Based on Classify Support Vector Machine , secondInternational Conference on Intelligent Computation Technology and Automation, ICICTA ’09, vol. 2, pp. 391-394.

BHUYAN, Monowar H.; BHATTACHARYYA, Dhruba K.; KALITA, Jugal K, AOCD: An Adaptive Outlier Based Coordinated Scan Detection Approach , IJ Network Security, 2012, 14.6: 339-351.

Chao Wang, Bailing Wang, Hongri Liu, Haikuo, Anomaly Detection for Industrial Control System Based on Autoencoder Neural Network, 2020, Wireless Communications and Mobile Computing.

Nguyen Viet Hung, Nguyen Van Quan, Le Thi Trang Linh, Shone Nathan, (2018), “Using Deep Learning Model for Network Scanning Detection”, ICFET ‘18: Proceedings of the 4th International Conference on Frontiers of Educational Technologies , [117-121].

Xavier Glorot, Yoshua Bengio, (2010), “Understanding the difficulty of training deep feedforward neural networks”, Journal of Machine Learning Research 9, [249-256].

JIRSIK, T., CERMAK, M., TOVARNAK, D., et al. “Toward Stream-Based IP

Flow Analysis”, IEEE Communications Magazine, v. 55, n. 7, pp. 70-76,

ISSN: 0163-6804. doi: 10.1109/MCOM.2017.1600972.


Abstract views: 231 / PDF downloads: 20



How to Cite

Hung, N. V., Mai, D. T., & Tung, N. T. (2023). Network attack classification framework based on Autoencoder model and online stream analysis technology. Journal of Science and Technology on Information Security, 1(18), 3-19.