Abstract

With the rapid growth of network traffic and the increasing sophistication of cyberattacks, detecting network traffic anomalies and intrusions in real-time is crucial for network security. However, the volume, velocity, and variety of network traffic data make manual inspection inefficient. This paper proposes using deep learning techniques to build intelligent models that can automatically detect network traffic anomalies in big data environments. We present an anomaly detection framework using convolutional neural networks (CNN) and long short-term memory (LSTM) models. The models are trained on network flow data extracted from packet capture files. We evaluate the models on benchmark intrusion detection datasets and a large-scale real network traffic dataset. Results show deep learning models can effectively detect anomalies and outperform traditional shallow learning models. The models can process high-volume streaming data in real-time with low latency. We also propose optimization techniques, such as transfer learning and model compression, to improve detection efficiency. This work demonstrates deep learning's effectiveness for real-time network traffic anomaly detection in big data environments.