Enhancing Network Security with a Multi-Modal Auto-Encoder for Netflow Traffic Analysis
Abstract
In today’s landscape of encrypted network communications, traditional intrusion detection systems (IDS) face significant challenges in analyzing traffic effectively. Their limited visibility into packet contents complicates the detection of diverse and evolving attack vectors. The integration of various data sources and flow monitoring tools further exacerbates these issues, making it difficult to form a coherent picture of network security. To address this, a novel framework is proposed that incorporates a multimodal Autoencoder (MMAE) in conjunction with an LSTM model. This approach aims to create and merge latent spaces derived from multiple datasets, enhancing feature aggregation in federated learning scenarios. The MMAE helps reduce dimensionality and align features from data generated by the NetFlow tool. Extensive evaluations were conducted using five benchmark datasets, including NF-UNSW-NB15 and NF-BoT-IoT, to develop a consolidated latent space. The latent spaces were then fused using techniques like concatenation, averaging, and weighted sums. Results from the LSTM classifier revealed a remarkable classification accuracy of 98.5% for the latent space aggregated through the Concat and Weighted sum methods. The proposed framework demonstrates promising potential for distributed anomaly detection in scenarios like Federated IDS. It allows for the efficient merging of similar NetFlow datasets while maintaining privacy and improving aggregation quality.
DOI: https://doi.org/10.31449/inf.v49i18.9727
License
I assign to Informatica, An International Journal of Computing and Informatics ("Journal") the copyright in the manuscript identified above and any additional material (figures, tables, illustrations, software or other information intended for publication) submitted as part of or as a supplement to the manuscript ("Paper") in all forms and media throughout the world, in all languages, for the full term of copyright, effective when and if the article is accepted for publication. This transfer includes the right to reproduce and/or to distribute the Paper to other journals or digital libraries in electronic and online forms and systems.
I understand that I retain the rights to use the pre-prints, off-prints, accepted manuscript and published journal Paper for personal use, scholarly purposes and internal institutional use.
In certain cases, I can ask for retaining the publishing rights of the Paper. The Journal can permit or deny the request for publishing rights, to which I fully agree.
I declare that the submitted Paper is original, has been written by the stated authors and has not been published elsewhere nor is currently being considered for publication by any other journal and will not be submitted for such review while under review by this Journal. The Paper contains no material that violates proprietary rights of any other person or entity. I have obtained written permission from copyright owners for any excerpts from copyrighted works that are included and have credited the sources in my article. I have informed the co-author(s) of the terms of this publishing agreement.
Copyright © Slovenian Society Informatika







