Anomaly traffic detection method based on data equalization and machine learning

• 1、Beijing University of Posts and Telecommunications，Beijing 100000

Abstract：In recent years, cybersecurity incidents have emerged one after another, seriously damaging the interests of people and businesses. Maintaining cyber security is an important direction of scientific research today. The combination of machine learning and abnormal traffic detection technology is a popular method to detect network traffic, but the imbalance of data categories often has a great impact on traffic detection. In order to solve this problem, this paper makes improvements at the data level and proposes a network anomaly traffic detection method based on improved SMOTE technology, which focuses on the minority samples on the boundary and improves the disadvantages of the traditional SMOTE method. Based on the CICIDS2017 dataset, this paper verifies the effectiveness of the improved SMOTE algorithm combined with the undersampling method and the random forest algorithm, and compares the proposed algorithm with other abnormal traffic detection algorithms, and the experimental results show that the proposed method can effectively improve the abnormal traffic detection effect.

Keywords： Network security machine learning data equalization abnormal traffic detection