Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ ZENODOarrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
ZENODO
Article . 2025
License: CC BY
Data sources: ZENODO
ZENODO
Article . 2025
License: CC BY
Data sources: Datacite
ZENODO
Article . 2025
License: CC BY
Data sources: Datacite
 View all 2 versions
Claim

STATISTICAL AND MACHINE LEARNING APPROACHES FOR DETECTING ANOMALIES IN LARGE-VOLUME NETWORK TRAFFIC

descriptionPublicationkeyboard_double_arrow_right Article 09 Oct 2025 English Publisher:Zenodo
Authors: Ozodbek Rakhmonov;

doi: 10.5281/zenodo.17300533 , 10.5281/zenodo.17300532

STATISTICAL AND MACHINE LEARNING APPROACHES FOR DETECTING ANOMALIES IN LARGE-VOLUME NETWORK TRAFFIC

Abstract

Detecting anomalies in large-scale network traffic is one of the pressing issues in modern information security. The volume of traffic generated as a result of the expansion of Internet services, cloud computing, the development of IoT and 5G networks is increasing dramatically, and this process reduces the effectiveness of traditional security mechanisms. This article studies and compares statistical methods and machine learning (ML) approaches to detect anomalous behavior in the network. The advantages of statistical approaches, including Z-score, Chebyshev inequality, analysis of variance and time series models, are explained by their fast performance and efficiency in real-time monitoring, but their accuracy is limited in large-scale data. Machine learning methods (Random Forest, SVM, Neural networks, K-means, DBSCAN, Autoencoder) provide high accuracy and flexibility, but they are computationally intensive. The results of the study show that a hybrid approach - integrating statistical and ML methods - can significantly increase efficiency.

Related Organizations
Keywords

autoencoder, Network traffic analysis, big data, IoT security, cloud computing, hybrid model, unsupervised learning, real-time monitoring, supervised learning, anomaly detection, statistical approaches, post-quantum cryptography, 5G networks

  • BIP!
    Impact byBIP!
    selected citations
    These citations are derived from selected sources.
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 0
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
Powered by OpenAIRE graph
Found an issue? Give us feedback
selected citations
These citations are derived from selected sources.
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
0
Average
Average
Average
Green