Enhancing Network Security with a Multi-Modal Auto-Encoder for Netflow Traffic Analysis

Abstract

In today’s landscape of encrypted network communications, traditional intrusion detection systems (IDS) face significant challenges in analyzing traffic effectively. Their limited visibility into packet contents complicates the detection of diverse and evolving attack vectors. The integration of various data sources and flow monitoring tools further exacerbates these issues, making it difficult to form a coherent picture of network security. To address this, a novel framework is proposed that incorporates a multimodal Autoencoder (MMAE) in conjunction with an LSTM model. This approach aims to create and merge latent spaces derived from multiple datasets, enhancing feature aggregation in federated learning scenarios. The MMAE helps reduce dimensionality and align features from data generated by the NetFlow tool. Extensive evaluations were conducted using five benchmark datasets, including NF-UNSW-NB15 and NF-BoT-IoT, to develop a consolidated latent space. The latent spaces were then fused using techniques like concatenation, averaging, and weighted sums. Results from the LSTM classifier revealed a remarkable classificationaccuracy of 98.5% for the latent space aggregated through the Concat and Weighted sum methods. The proposed framework demonstrates promising potential for distributed anomaly detection in scenarios like Federated IDS. It allows for the efficient merging of similar NetFlow datasets while maintaining privacyand improving aggregation quality.

Authors

  • Ravi Veerabhadrappa Research Scholar, Department of Computer Science and Engineering, Siddaganga Institute of Technology
  • Poornima Athikatte Sampigerayappa Department of Computer Science and Engineering, Siddaganga Institute of Technology

DOI:

https://doi.org/10.31449/inf.v49i18.9727

Downloads

Published

12/13/2025

How to Cite

Veerabhadrappa, R., & Sampigerayappa, P. A. (2025). Enhancing Network Security with a Multi-Modal Auto-Encoder for Netflow Traffic Analysis. Informatica, 49(18). https://doi.org/10.31449/inf.v49i18.9727

Issue

Vol. 49 No. 18 (2025): Online-only issue

Section

Online-only

License

Authors retain copyright in their work. By submitting to and publishing with Informatica, authors grant the publisher (Slovene Society Informatika) the non-exclusive right to publish, reproduce, and distribute the article and to identify itself as the original publisher.

All articles are published under the Creative Commons Attribution license CC BY 3.0. Under this license, others may share and adapt the work for any purpose, provided appropriate credit is given and changes (if any) are indicated.

Authors may deposit and share the submitted version, accepted manuscript, and published version, provided the original publication in Informatica is properly cited.