Abstract Network anomaly detection is one of the key aspects to be considered for the protection of modern digital infrastructures against changing cyber-attacks. As networks are becoming increasingly larger and complex, the processing of millions of flows in real time is a high-performance computing (HPC) issue that requires parallel and distributed computing. This paper aims to evaluate the performance of six anomaly detection models: four machine learning models (Random Forest, Isolation Forest, Local Outlier Factor, One-Class SVM) and two deep learning models (LSTM-CNN, Autoencoder). The performance evaluation is done using four public datasets (UNSW-NB15, CICIDS-2017, NSL-KDD, ToN-IoT) with over five million data records. The results showed that parallel preprocessing achieves a 10.8 times speedup on 16 CPU cores, while GPU achieves a 35 times speedup for deep learning models. Among the models, the performance of the Random Forest is found to be stable with F1 > 0.95.
Uras Panahi (Wed,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: