Data-Driven Network Intelligence for Anomaly Detection

• Published in: IEEE network Vol. 33; no. 3; pp. 88 - 95
• Main Authors: Xu, Shengjie, Qian, Yi, Hu, Rose Qingyang
• Format: Journal Article
• Language: English
• Published: New York IEEE 01.05.2019; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: Anomalies; Anomaly detection; Artificial intelligence; Cloud computing; Cybersecurity; Data models; Data storage; Edge computing; Infrastructure; Intelligence gathering; Machine learning; Predictive models; Threat evaluation
• ISSN: 0890-8044; 1558-156X
• DOI: 10.1109/MNET.2019.1800358

Data-driven network intelligence will offer a robust, efficient, and effective computing system for anomaly detection in cyber security applications. In this article, we first summarize the current development and challenges of network intelligence for anomaly detection. Based on the current development, we propose a data-driven intelligence system for network anomaly detection. With the support of extended computing, storage, and other resources to the network edge, fog computing is incorporated into the design of the system. The proposed system consists of three major components: fog enabled infrastructure, fog enabled artificial intelligence (AI) engine, and threat intelligence. Fog enabled infrastructure provides efficient and effective computing resources for parallel computing and data storage. The fog enabled AI engine produces optimal learning models for threat detection, and enables efficient model update both locally and globally. Threat intelligence offers real-time network monitoring and cyber threat detection. We demonstrate that the proposed data-driven network intelligence system achieves high detection accuracy and provides efficient computational performance.