Abstract

Detection of anomalies and anti-patterns is essential for adaptive systems with the ability to perform without foreknowledge. Some problems require both classification and regression along with sensitivity tuning and explainability. Some have high-dimensional datasets that are time dependent. This research offers results for Long Short-Term Memory (LSTM) and Gated Recurrent Unit (GRU) algorithms using the BETH dataset. It unpacks metadata attributes and stages a unique approach via Abstract-Feature Analysis (AFA), hyperparameter tuning, and Principal Component Analysis (PCA) within the RNN model. By removing foreknowledge, this research offers insights into RNN anomaly detection performance when an event absent in training is processed by the model. Research indicates that iForest is one approach for anomaly detection, but evidence suggests RNN remains competitive with proper hyperparameter tuning and when foreknowledge is absent. Moreover, error/loss functions can be pertinent performance indicators of threat activity by signaling deviations in time series. The study also offers results of XGBoost, Vanilla LSTM autoencoder, and iForest models for contrast with LSTM/GRU. These contributions address gaps within cyber security research for those seeking probabilistic multi-disciplinary solutions for regression and classification in complex adaptive systems.

Department(s)

Engineering Management and Systems Engineering

Second Department

Electrical and Computer Engineering

Publication Status

Open Access

Keywords and Phrases

anomaly detection; cloud computing; complex adaptive systems; cyber security; deep learning; forensics; honeypot; machine learning; neural network

International Standard Serial Number (ISSN)

1877-0509

Document Type

Article - Conference proceedings

Document Version

Citation

File Type

text

Language(s)

English

Rights

© 2025 Elsevier, All rights reserved.

Publication Date

01 Jan 2025
