|Meyer-Berg, Andreas; Egert, Rolf; Böck, Leon; Mühlhäuser, Max
|Machine learning based anomaly detection mechanisms are a promising tool to detect and protect networks from previously unknown attacks. The quality of those mechanisms strongly depends on the availability of large amounts of data for their training and evaluation. However, suitable datasets are scarce, as they are rarely shared by those who possess them. This impedes progress in the development and deployment of sophisticated machine learning mechanisms. This paper aims to accelerate this thwarted development process by introducing a network simulation framework for training-data generation and evaluation of data-driven mechanisms, like anomaly detection approaches. The framework enables training, testing, and evaluating data-driven approaches in a safe and extensible environment prior to their deployment in real-world systems. We showcase the capabilities of the framework in a case study.
For this, a smart home network is modeled and simulated within the framework. The generated data is used to train an anomaly detection approach, which is then used to detect various anomalies introduced by attacks on the network. This ability to train and evaluate data-driven algorithms within the framework allows users to accelerate the otherwise time-consuming cycle of deploying, modifying, and re-training in live environments, which ultimately advances the development of novel anomaly detection approaches.
|15th International Conference on Availability, Reliability and Security (ARES'20)
|ARES '20: Proceedings of the 15th International Conference on Availability, Reliability and Security