Federated Self-Supervised Graph and Transformer Architectures for Adaptive, Privacy-Preserving Network Traffic Anomaly Detection
C Raja Sekhar 1, Bagadi Sai Priya 2, Vandavasi Dileep 3, Benakala Murali Mohan Reddy 4, Atmakuru Archana 5
1 Assistant Professor, Dept of Information Technology, SV College of Engineering, Tirupathi, India.
2 B.Tech, Dept of Information Technology, SV College of Engineering, Tirupathi, India.
3 B.Tech, Dept of Information Technology, SV College of Engineering, Tirupathi, India.
4 B.Tech, Dept of Information Technology, SV College of Engineering, Tirupathi, India.
5 B.Tech, Dept of Information Technology, SV College of Engineering, Tirupathi, India.
Email: 1 rajasekhar.ch@svce.edu.in, 2 saipriyabagadi@gmail.com, 3 vandhavasidileep@gmail.com,
4 muralimohanreddy20242@gmail.com, 5 archana.a@gmail.com
Corresponding Author*: C Raja Sekhar.
Abstract: Network traffic anomaly detection identifies unusual patterns or deviations in network data that could indicate security threats or malicious activities. It helps organizations detect and respond to potential cyberattacks by continuously monitoring and analyzing network behavior against established normal baselines. Existing machine learning models (Isolation Forest, Naive Bayes, XGBoost, LightGBM, and SVM) have demonstrated varied effectiveness for network traffic anomaly detection: they excel in accuracy, scalability, and interpretability, but given notable constraints such as handling high-dimensional data, computational demands, and assumptions of feature independence, they are not effective. The proposed system in this work leverages advanced deep learning architectures, including convolutional and recurrent neural networks, to capture spatiotemporal dependencies in network traffic data. This approach enables the detection of subtle and complex anomalies, including zero-day attacks, by learning from both spatial and temporal patterns. Ensemble methods are integrated to further enhance detection accuracy and reduce false positive rates, while online and incremental learning techniques allow the system to adapt dynamically to new attack patterns and changing network environments. The proposed system also incorporates distributed computing frameworks and model optimization strategies, such as pruning and quantization, to ensure scalability and real-time performance in production settings.
Keywords: traffic anomaly detection, spatiotemporal dependencies, ensemble methods, optimization strategies, distributed computing frameworks, recurrent neural networks, cyberattacks.