WT-CFormer: High-Performance Web Traffic Anomaly Detection Using CNN and Transformer Networks

Web traffic (WT) refers to time-series data that captures the volume of data transmitted to and from a web server during a user's visit to a website. Anomalies in web traffic signal unusual fluctuations in this data, making their detection crucial for ensuring network security. Deep neural network approaches for web traffic anomaly detection have achieved cutting-edge classification performance. However, since these methods are still insufficient in terms of classification effectiveness and speed, researching fast and accurate anomaly detection methods is a challenging problem. In this paper, we propose a novel anomaly detection model (WT-CFormer) specifically designed for web traffic, which innovatively use the Transformer to efficiently and accurately extract the temporal features of web traffic and deeply integrates the CNN to extract the spatial features of web traffic to improve the anomaly detection performance. In addition, we conduct a large number of experiments to prove the effectiveness and superiority of WT-CFormer for web traffic anomaly detection. In evaluation experiments, WT-CFormer has the highest performance, obtaining a recall as high as 96.79%, a precision of 97.35%, an F1 score of 97.07%, and an accuracy of 99.43%, which is 7.09%,1.15%, 4.77%, and 0.83% better than the state-of-the-art method, followed by C-LSTM, CTGA, random forest, and KNN algorithms. In addition, we find that the classification performance of WT-CFormer with only 50 training epochs outperforms C-LSTM with 500 training epochs, which greatly improves the convergence performance. Finally, we perform ablation experiments to demonstrate the necessity of each component within WT-CFormer.