DETERMINATION OF NETWORK TRAFFIC ANOMALIES IN A DISTRIBUTED COMPUTER SYSTEM WITH ENERGY FACILITIES
The paper presents research, the purpose of which is to define a machine learning model for express analysis of network traffic in a distributed computer system for managing decentralized generation facilities based on renewable energy. The available tools for monitoring processes in the computer ne...
Збережено в:
| Дата: | 2024 |
|---|---|
| Автори: | , , |
| Формат: | Стаття |
| Мова: | English |
| Опубліковано: |
Institute of Renewable Energy National Academy of Sciences of Ukraine
2024
|
| Теми: | |
| Онлайн доступ: | https://ve.org.ua/index.php/journal/article/view/455 |
| Теги: |
Додати тег
Немає тегів, Будьте першим, хто поставить тег для цього запису!
|
| Назва журналу: | Vidnovluvana energetika |
Репозитарії
Vidnovluvana energetika| Резюме: | The paper presents research, the purpose of which is to define a machine learning model for express analysis of network traffic in a distributed computer system for managing decentralized generation facilities based on renewable energy. The available tools for monitoring processes in the computer network are considered. The problem of network traffic anomaly detection is presented as a binary classification problem. The input data of the model is represented by 10 features, which are determined on the basis of the RFE method based on the results of computational experiments on classification based on the examples of the Network Intrusion Detection dataset. To determine the optimal model, both neural network models: MLP, RNN, LSTM, and traditional machine learning models: KNN, Logistic Regression, Decision Tree, GBM were investigated. Implementations of these models from Scikit-learn and TensorFlow resources were configured and trained. According to the results of computational experiments, the most accurate models for detecting network traffic anomalies in a distributed computer system were determined: LSTM (F1 score: 0.97 on the test sample, 0.95 - in working mode) and RNN (F1 score: 0.97 on the test sample, 0.94 - in working mode). Tests have shown that RNN or LSTM anomaly prediction when transmitting a packet does not change the time order relative to transmission without prediction. The use of defined machine learning models to build subsystems for detecting network traffic anomalies in systems of distributed generation of electric energy based on renewable sources will allow to increase resistance to failures and force majeure situations, the efficiency of their work, especially taking into account the challenges to the operation of the energy system of Ukraine during the war. |
|---|