Abstract—Detecting anomalies or unusual incidents in computer network traffic is one of the great challenges for both researchers and network administrators. An efficient method that detects network traffic anomalies quickly and accurately would let them prevent the security problems or network congestion that such anomalies cause. We therefore conducted a series of experiments to examine which interval-based network traffic features affect anomaly detection, and how, using three well-known machine learning algorithms: naïve Bayes, k-nearest neighbor, and support vector machine. Our findings can help researchers and network administrators select effective interval-based features for each particular type of anomaly and choose a suitable machine learning algorithm for their own network system.
Index Terms—Network traffic, anomaly detection, naïve Bayes, nearest neighbor, support vector machine.
Kriangkrai Limthong is with the Department of Informatics, Graduate University of Advanced Studies (Sokendai), Japan (e-mail: kriangkrai.l@bu.ac.th).
Cite: Kriangkrai Limthong, "Performance of Interval-Based Features in Anomaly Detection by Using Machine Learning Approach," International Journal of Machine Learning and Computing, vol. 4, no. 3, pp. 292-299, 2014.