{rfName}
Ma

License and use

Citations

4

Altmetrics

Analysis of institutional authors

Del Rio, ACorresponding AuthorSerrano, JAuthorJimenez, DAuthorLlorente, AAuthor

Share

February 3, 2025
Publications
>
Article
No

Machine Learning-Based Network Anomaly Detection: Design, Implementation, and Evaluation

Publicated to:Ai. 5 (4): 2967-2983 - 2024-12-01 5(4), DOI: 10.3390/ai5040143

Authors: Schummer, P; del Rio, A; Serrano, J; Jimenez, D; Sánchez, G; Llorente, A

Affiliations

Tel Innovac Digital, Global CTIO Unit - Author
Univ Politecn Madrid, Escuela Tecn Super Ingn Sistemas Informat ETSISI, Informat Syst Dept - Author
Univ Politecn Madrid, Escuela Tecn Super Ingn Telecomunicac ETSIT - Author
Univ Politecn Madrid, Escuela Tecn Super Ingn Telecomunicac ETSIT, Phys Elect Elect Engn & Appl Phys Dept - Author
Univ Politecn Madrid, Escuela Tecn Super Ingn Telecomunicac ETSIT, Signals Syst & Radiocommun Dept - Author
See more

Abstract

Background: In the last decade, numerous methods have been proposed to define and detect outliers, particularly in complex environments like networks, where anomalies significantly deviate from normal patterns. Although defining a clear standard is challenging, anomaly detection systems have become essential for network administrators to efficiently identify and resolve irregularities. Methods: This study develops and evaluates a machine learning-based system for network anomaly detection, focusing on point anomalies within network traffic. It employs both unsupervised and supervised learning techniques, including change point detection, clustering, and classification models, to identify anomalies. SHAP values are utilized to enhance model interpretability. Results: Unsupervised models effectively captured temporal patterns, while supervised models, particularly Random Forest (94.3%), demonstrated high accuracy in classifying anomalies, closely approximating the actual anomaly rate. Conclusions: Experimental results indicate that the system can accurately predict network anomalies in advance. Congestion and packet loss were identified as key factors in anomaly detection. This study demonstrates the potential for real-world deployment of the anomaly detection system to validate its scalability.

Keywords

Anomaly detectionExplainable aiMachine learningNetwork anomaliesNetwork performancePredictive maintenance

Quality index

Bibliometric impact. Analysis of the contribution and dissemination channel

The work has been published in the journal Ai due to its progression and the good impact it has achieved in recent years, according to the agency WoS (JCR), it has become a reference in its field. In the year of publication of the work, 2024 there are still no calculated indicators, but in 2023, it was in position 86/197, thus managing to position itself as a Q2 (Segundo Cuartil), in the category Computer Science, Artificial Intelligence. Notably, the journal is positioned en el Cuartil Q2 para la agencia Scopus (SJR) en la categoría Artificial Intelligence.

Independientemente del impacto esperado determinado por el canal de difusión, es importante destacar el impacto real observado de la propia aportación.

Según las diferentes agencias de indexación, el número de citas acumuladas por esta publicación hasta la fecha 2025-07-10:

  • Scopus: 4

Impact and social visibility

From the perspective of influence or social adoption, and based on metrics associated with mentions and interactions provided by agencies specializing in calculating the so-called "Alternative or Social Metrics," we can highlight as of 2025-07-10:

  • The use of this contribution in bookmarks, code forks, additions to favorite lists for recurrent reading, as well as general views, indicates that someone is using the publication as a basis for their current work. This may be a notable indicator of future more formal and academic citations. This claim is supported by the result of the "Capture" indicator, which yields a total of: 50 (PlumX).

With a more dissemination-oriented intent and targeting more general audiences, we can observe other more global scores such as:

    It is essential to present evidence supporting full alignment with institutional principles and guidelines on Open Science and the Conservation and Dissemination of Intellectual Heritage. A clear example of this is:

    • The work has been submitted to a journal whose editorial policy allows open Open Access publication.
    • Assignment of a Handle/URN as an identifier within the deposit in the Institutional Repository: https://oa.upm.es/88684/

    Leadership analysis of institutional authors

    There is a significant leadership presence as some of the institution’s authors appear as the first or last signer, detailed as follows: First Author (Schummer, P) and Last Author (LLORENTE GOMEZ, ALVARO).

    the author responsible for correspondence tasks has been DEL RIO PONCE, ALBERTO.