Voting-Based Ensemble Model for Network Anomaly Detection

Network anomaly detection (NAD) aims to capture potential abnormal behaviors by observing traffic data over a period of time. In this work, we propose a machine learning framework based on XGBoost and deep neural networks to classify normal traffic and anomalous traffic. Data-driven feature engineering and post-processing are further proposed to improve the performance of the models. The experiment results suggest the proposed model can achieve 94% for F1 measure in the macro average of five labels on real-world traffic data.