mohammadreza samadzadeh

Security anomaly detection, a critical element in safeguarding digital systems, has undergone a transformative evolution through the integration of deep learning techniques. This comprehensive review navigates the landscape of security anomaly detection, unveiling the potential and challenges within this realm. The research methodology involved systematic data collection from renowned databases, including Scopus, Web of Science, and Google Scholar. Key topics explored include the integration of deep learning models, benchmark datasets, preprocessing techniques, ethical considerations, and future directions. Deep learning models, such as autoencoders, recurrent neural networks (RNNs), and convolutional neural networks (CNNs), have proven invaluable in enhancing detection accuracy and efficiency. Benchmark datasets like NSL-KDD, CICIDS2017, and UNSW-NB15 have emerged as essential evaluation tools. Tailored preprocessing techniques ensure data readiness for these models. Challenges encompass data imbalance, model interpretability, adversarial attacks, and scalability. Ethical and privacy considerations emphasize privacy preservation, fairness, transparency, and accountability. The convergence of deep learning with security anomaly detection heralds a new era in cybersecurity. While challenges persist, a commitment to ethical principles and exploration of innovative avenues are set to realize the full potential of deep learning for robust, efficient, and responsible security anomaly detection systems, ensuring a safer digital landscape for all.

Accurate traffic classification is important for various network activities such as accurate network management and proper resource utilization. Port-based approaches, deep packet inspection, and machine learning are widely used techniques for classifying and analyzing network traffic flows. Most classification methods are suitable for small-scale datasets and cannot achieve a high classification accuracy owing to their shallow learning structure and limited learning ability. The emergence of deep learning technology and software-driven networks has enabled the application of classification methods for processing large-scale data.In this study, a two-step classification method based on deep learning algorithms is presented, which can achieve high classification accuracy without manually selecting and extracting features. In the proposed method, an Autoencoder was used to extract features and remove unnecessary and redundant features. In the second step, the proposed method uses the features extracted by the autoencoder from a hybrid deep-learning model based on the CNN and LSTM algorithms to classify network traffic.To evaluate the proposed method, the results of the proposed two-stage hybrid method is compared with comparative algorithms including decision tree, Naïve Bayes, random forest. The proposed combined CNN+LSTM method obtains the best results by obtaining values of 0.997, 0.972, 0.959, and 0.964, respectively, for the evaluation criteria of, accuracy, precision, recall, and F1 score.The proposed method is a practical and operational method with high accuracy, which can be applied in the real world and used in the detection of security anomalies in networks using traffic classification and network data.