Advanced Technique for Imbalance Mitigation in Predictive Monitoring and Anomaly Detection System

Andriy Lutsiuk; Orest Lavriv; Mykola Beshley; Mykola Brych

Authors

Andriy Lutsiuk
Orest Lavriv
Mykola Beshley
Mykola Brych

Keywords:

network monitoring, proactive monitoring, communication systems, machine learning, neural network, anomaly detection, malicious

Abstract

This paper presents an advanced approach to improving network traffic monitoring systems using machine learning algorithms. The main attention is paid to the problems of data imbalance and insufficient labeling in real communication systems. These problems often lead to inaccurate anomaly detection and unreliable system performance. To solve these problems, the paper proposes a dynamic class weighting technique that improves anomaly detection, especially when dealing with uncertain or unevenly represented data. The technique ensures that minority classes, such as malicious or anomalous traffic, are properly accounted for during model training, which improves overall detection accuracy. This approach provides the ability to dynamically change class weights based on new input data, and the simplicity of the model, because it is linear and does not have many layers, allows for relatively quick retraining. In addition, the paper describes an optimized data preparation process that facilitates efficient training of neural networks. These networks are integrated into proactive monitoring modules, which allows for real-time detection of network anomalies and potential threats. Although the proposed multiclass approach yields slightly lower global metrics (Precision 0.88, Recall 0.88) than the binary baseline, it significantly improves malicious traffic detection by introducing an additional class for uncertain samples, thus offering a more realistic and robust representation of network behavior. This proactive approach is particularly useful in today's communications environments, which are characterized by increasing traffic volumes and greater data diversity. By providing rapid detection and response to network breaches, the proposed solution increases the reliability and stability of networks, providing more robust protection against new cyber threats. The approach is particularly well suited for dynamic and complex networks, where traditional static monitoring methods often prove insufficient. The techniques presented in this article thus contribute to the development of more intelligent and responsive network monitoring systems that can cope with the complexities of modern communication infrastructures, where the demand for real-time analysis and anomaly detection continues to grow.

References

C. L. Aldea, R. Bocu, and R. N. Solca, “Real-time monitoring and management of hardware and software resources in heterogeneous computer networks through an integrated system architecture,” Symmetry, vol. 15, p. 1134, 2023, https://doi.org/10.3390/sym15061134.

W. Song, M. Beshley, K. Przystupa, H. Beshley, O. Kochan, A. Pryslupskyi, D. Pieniak, and J. Su, “A software deep packet inspection system for network traffic analysis and anomaly detection,” Sensors, vol. 20, p. 1637, 2020, https://doi.org/10.3390/s20061637.

J. Tang, T. Qin, D. Kong, Z. Zhou, X. Li, Y. Wu, and J. Gu, “Anomaly detection in social-aware IoT networks,” IEEE Trans. Netw. Serv. Manag., early access, 2023, https://doi.org/10.1109/TNSM.2023.3242320.

H. Bilakanti, S. Pasam, V. Palakollu, and S. Utukuru, “Anomaly detection in IoT environment using machine learning,” Security Privacy, 2024, https://doi.org/10.1002/spy2.366.

K. Albulayhi and Q. A. Al-Haija, “Adversarial deep learning in anomaly based intrusion detection systems for IoT environments,” Int. J. Wireless Microw. Technol. (IJWMT), vol. 13, no. 4, pp. 1–10, 2023, https://doi.org/10.5815/ijwmt.2023.04.01.

N. Lutsiv, T. Maksymyuk, M. Beshley, O. Lavriv, V. Andrushchak, A. Sachenko, L. Vokorokos, and J. Gazda, “Deep semisupervised learning-based network anomaly detection in heterogeneous information systems,” CMC-Comput. Mater. Continua, vol. 70, pp. 413–431, 2022, https://doi.org/10.32604/cmc.2022.018773.

O. Aslanli, “Cloud and on-premises based security solution for industrial IoT,” Int. J. Inf. Eng. Electron. Bus. (IJIEEB), vol. 16, no. 5, pp. 55–62, 2024, https://doi.org/10.5815/ijieeb.2024.05.02.

S. Lehominova, Y. Shchavinsky, T. Muzhanova, D. Rabchun, and M. Zaporozhchenko, “Application of sentiment analysis to prevent cyberattacks on objects of critical information infrastructure,” Int. J. Comput., vol. 22, no. 4, pp. 534–540, 2023, https://doi.org/10.47839/ijc.22.4.3362.

M. Beshley, N. Kryvinska, and H. Beshley, “Quality of service management method in a heterogeneous wireless network using big data technology and mobile QoE application,” Simul. Model. Pract. Theory, vol. 127, p. 102771, 2023, https://doi.org/10.1016/j.simpat.2023.102771.

G. Nguyen, S. Dlugolinsky, V. Tran, and Á. López García, “Deep learning for proactive network monitoring and security protection,” IEEE Access, vol. 8, pp. 19696–19716, 2020, https://doi.org/10.1109/ACCESS.2020.2968718.

Y. Chen, H. Peng, L. Huang, J. Zhang, and W. Jiang, “A novel MAE-based self-supervised anomaly detection and localization method,” IEEE Access, vol. 11, pp. 127526–127538, 2023, https://doi.org/10.1109/ACCESS.2023.3332475.

A. Abdelkhalek and M. Mashaly, “Addressing the class imbalance problem in network intrusion detection systems using data resampling and deep learning,” J. Supercomput., vol. 79, no. 10, pp. 10611–10644, 2023, https://doi.org/10.1007/s11227-023-05073-x.

D. Mahesh and T. S. Kumar, “Machine learning algorithms for detecting DDoS attacks in intrusion detection systems,” Int. J. Wireless Microw. Technol. (IJWMT), vol. 14, no. 5, pp. 59–71, 2024, https://doi.org/10.5815/ijwmt.2024.05.05.

X. Li, G. Shi, and Y. Wu, “Utilizing machine learning techniques for network traffic anomaly detection,” Appl. Comput. Eng., vol. 36, no. 1, pp. 242–247, 2024, https://doi.org/10.54254/2755-2721/36/20230454.

S. Dong, H. Su, and Y. Liu, “A-CAVE: Network abnormal traffic detection algorithm based on variational autoencoder,” ICT Express, vol. 9, no. 5, pp. 896–902, 2023, https://doi.org/10.1016/j.icte.2022.11.006.

Z. Hu, R. Odarchenko, S. Gnatyuk, M. Zaliskyi, A. Chaplits, S. Bondar, and V. Borovik, “Statistical techniques for detecting cyberattacks on computer networks based on an analysis of abnormal traffic behavior,” Int. J. Comput. Netw. Inf. Secur. (IJCNIS), vol. 12, no. 6, pp. 1–13, 2020, https://doi.org/10.5815/ijcnis.2020.06.01.

I. Zavushchak, “The impact of artificial intelligence on cybersecurity and data protection,” Int. J. Wireless Microw. Technol. (IJWMT), vol. 15, no. 4, pp. 65–72, 2025, https://doi.org/10.5815/ijwmt.2025.04.05.

Y.S. Ndichu, S. McOyowo, H. Okoyo, and C. Wekesa, “Detecting remote access network attacks using supervised machine learning methods,” Int. J. Comput. Netw. Inf. Secur. (IJCNIS), vol. 15, no. 2, pp. 48–61, 2023, https://doi.org/10.5815/ijcnis.2023.02.04.

M. Goyal and Q. H. Mahmoud, “A systematic review of synthetic data generation techniques using generative AI,” Electronics, vol. 13, p. 3509, 2024, https://doi.org/10.3390/electronics13173509.

A. Khandare and A. S. Alvi, “Performance analysis of improved clustering algorithm on real and synthetic data,” Int. J. Comput. Netw. Inf. Secur. (IJCNIS), vol. 9, no. 10, pp. 57–65, 2017, https://doi.org/10.5815/ijcnis.2017.10.07.

V. Kumar and D. Sinha, “Synthetic attack data generation model applying generative adversarial network for intrusion detection,” Comput. Secur., vol. 125, p. 103054, 2023, https://doi.org/10.1016/j.cose.2022.103054.

S. Sanshi, R. Vatambeti, R. V., and S. Z. Rahman, “An efficient optimized neural network system for intrusion detection in wireless sensor networks,” Int. J. Comput. Netw. Inf. Secur. (IJCNIS), vol. 16, no. 6, pp. 83–94, 2024, https://doi.org/10.5815/ijcnis.2024.06.07.

B. Rusyn, O. Lutsyk, R. Kosarevych, T. Maksymyuk, and J. Gazda, “Features extraction from multi-spectral remote sensing images based on multi-threshold binarization,” Sci. Rep., vol. 13, no. 1, p. 19655, 2023, https://doi.org/10.1038/s41598-023-46785-7.

X. Ma and W. Shi, “AESMOTE: Adversarial reinforcement learning with SMOTE for anomaly detection,” IEEE Trans. Netw. Sci. Eng., vol. 8, no. 2, pp. 943–956, 2021, https://doi.org/10.1109/TNSE.2020.3004312.

K. Jiang, W. Wang, A. Wang, and H. Wu, “Network intrusion detection combined hybrid sampling with deep hierarchical network,” IEEE Access, vol. 8, pp. 32464–32476, 2020, https://doi.org/10.1109/ACCESS.2020.2973730.

A. A. Awad, A. F. Ali, and T. Gaber, “An improved long short term memory network for intrusion detection,” PLoS One, vol. 18, no. 8, p. e0284795, 2023, https://doi.org/10.1371/journal.pone.0284795.

K. Mounika, P. V. Rao, and A. Anbalagan, “Modified CNN model for network intrusion detection and classification system using local outlier factor-based recursive feature elimination,” Int. J. Comput. Netw. Inf. Secur. (IJCNIS), vol. 17, no. 1, pp. 82–91, 2025, https://doi.org/10.5815/ijcnis.2025.01.07.

A. I. Jony and A. K. B. Arnob, “Securing the Internet of Things: Evaluating machine learning algorithms for detecting IoT cyberattacks using CIC-IoT2023 dataset,” Int. J. Inf. Technol. Comput. Sci. (IJITCS), vol. 16, no. 4, pp. 56–65, 2024, https://doi.org/10.5815/ijitcs.2024.04.04.

A. Sharma and H. Babbar, “LUFlow: Attack detection in the Internet of Things using machine learning approaches,” Proceedings of the 2023 International Conference on Distributed Computing and Electrical Circuits and Electronics (ICDCECE), Ballar, India, 2023, pp. 1-5, https://doi.org/10.1109/ICDCECE57866.2023.10150813.

V. Kosheliuk and Y. Tulashvili, “Implementing honeypots for detecting cyber threats with AWS using the ELK,” Int. J. Comput., vol. 23, no. 4, pp. 618–624, 2024, https://doi.org/10.47839/ijc.23.4.3761.

Google, “Datasets: Imbalanced datasets,” Google for Developers. [Online]. Available at: https://developers.google.com/machine-learning/data-prep/construct/sampling-splitting/imbalanced-data.

Keras, “Imbalanced classification: credit card fraud detection,” Keras.io. [Online]. Available at: https://keras.io/examples/structured_data/imbalanced_classification/.

S. A. Wahab, S. Sultana, N. Tariq, M. Mujahid, J. A. Khan, and A. Mylonas, “A multi-class intrusion detection system for DDoS attacks in IoT networks using deep learning and transformers,” Sensors, vol. 25, no. 15, p. 4845, 2025, https://doi.org/10.3390/s25154845.

H. Kamal and M. Mashaly, “Robust intrusion detection system using an improved hybrid deep learning model for binary and multi-class classification in IoT networks,” Technologies, vol. 13, no. 3, p. 102, 2025, https://doi.org/10.3390/technologies13030102.

A. K. Sharma, R. Gupta, and P. Singh, “Multiclass classification by various machine learning techniques,” Math. Probl. Eng., vol. 2023, pp. 1–11, 2023, https://doi.org/10.1155/2023/1956865.

F. Ahmad Khan, A. Ali Shah, N. Alshammry, S. Saif, Wasim Khan, M. O. Malik, Z. Ullah, “Balanced multi-class network intrusion detection using machine learning,” IEEE Access, vol. 12, pp. 178222-178236, 2024, https://doi.org/10.1109/ACCESS.2024.3503497.

S.-M. Tseng, Y.-Q. Wang, and Y.-C. Wang, “Multi-class intrusion detection based on transformer for IoT networks using CIC-IoT-2023 dataset,” Future Internet, vol. 16, no. 8, p. 284, 2024, https://doi.org/10.3390/fi16080284.

International Journal of Computing

Advanced Technique for Imbalance Mitigation in Predictive Monitoring and Anomaly Detection System

Authors

Keywords:

Abstract

References

Downloads

Published

How to Cite

Issue

Section

License

Information