Cyber Data Anomaly Detection Using Autoencoder Neural Networks

Author

Spencer A. Butt

Date of Award

3-23-2018

Document Type

Thesis

Degree Name

Master of Science in Operations Research

Department

Department of Operational Sciences

First Advisor

Bradley C. Boehmke, PhD.

Abstract

The Department of Defense requires a secure presence in the cyber domain to successfully execute its stated mission of deterring war and protecting the security of the United States. With potentially millions of logged network events occurring on defended networks daily, a limited staff of cyber analysts require the capability to identify novel network actions for security adjudication. The detection methodology proposed uses an autoencoder neural network optimized via design of experiments for the identification of anomalous network events. Once trained, each logged network event is analyzed by the neural network and assigned an outlier score. The network events with the largest outlier scores are anomalous and worthy of further review by cyber analysts. This neural network approach can operate in conjunction with alternate tools for outlier detection, enhancing the overall anomaly detection capability of cyber analysts.

AFIT Designator

AFIT-ENS-MS-18-M-113

DTIC Accession Number

AD1056317

Recommended Citation

Butt, Spencer A., "Cyber Data Anomaly Detection Using Autoencoder Neural Networks" (2018). Theses and Dissertations. 1837.
https://scholar.afit.edu/etd/1837