Artificial Intelligence-Based Traffic Anomaly Detection

Relevant. Nowadays to detect signs of abnormal traffic behavior signature analysis is used, but this method has its limitations. Given the disadvantages of signature analysis, it becomes clear that using this method alone can limit the ability to detect and prevent new and unknown anomalies. Considered implementation of a custom analysis in addition to the signature to provide a more complete and reliable information system protection. The aim of the study is to increase the efficiency of detecting signs of abnormal traffic behavior through the use of artificial intelligence methods. In result the following were developed: an algorithm for detecting network anomalies, a software tool "Detection of network anomalies based on methods of artificial intelligence", a software stand. The novelty of the study lies in the fact that the software allows you to calculate the criteria for detecting anomalies of network traffic in a period of time shorter than that of previously presented analogs and allows you to detect various anomalies without prior training on ready-made anomaly templates. The practical significance. The results obtained in the work can be used for classification of anomalies of network traffic in information systems and infrastructures.