Alagbe, Oladapo Abiodun and Covenant University, Theses (2021) AN INVESTIGATION INTO ANOMALY BASED NETWORK INTRUSION DETECTION USING SELECTED MACHINE LEARNING APPROACHES. Masters thesis, Covenant University Ota..
PDF
Download (242kB) |
Abstract
Early detection of attacks and indicators of compromise is critical in identifying and mitigating the actions of attackers and threat actors. Various approaches have been used to achieve prompt detection of such errant behaviours, all to varying degrees of success. Machine Learning (ML) techniques have been mainly successful in detecting activities within networks that deviate from expected patterns compared to other statistical approaches. However, these detection methods require further improvement due to their detection inconsistencies and high false alarm rates. This study presents a network anomaly detection model that utilises Deep Autoencoders (DAE) for feature extraction and machine learning techniques for classification. This model is capable of detecting various forms of network-based attacks. The CIC-IDS2017 dataset, which consists of different malware and attack categories as observed in modern networks, was used to train and evaluate the performances of various machine learning techniques, and the best performing technique was chosen. The methods evaluated include the Logistic Regression (LR), Decision Tree (DT), Support Vector Machine (SVM), and Multilayer Perceptron (MLP) based models. These models were created using machine learning and deep learning workflows. The performances of the four (4) models were compared against each other, using iterations of the dataset that were imbalanced, balanced, and balanced with dimensionality reduction performed using the Deep Autoencoder. Based on a comparison with existing works, it was determined that the developed model performed comparatively well using metrics like the Receiver Operating Characteristics (ROC) Area Under Curve (AUC), Precision and Recall. The results obtained from the study indicates that the Decision Tree model outperforms other approaches explored.
Item Type: | Thesis (Masters) |
---|---|
Uncontrolled Keywords: | Anomaly Detection, Deep autoencoder, Logistic Regression, Support Vector Machine, Decision Tree, Multilayer Perceptron, Network Intrusion Detection |
Subjects: | Q Science > QA Mathematics Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
Divisions: | Faculty of Engineering, Science and Mathematics > School of Electronics and Computer Science |
Depositing User: | Mrs Patricia Nwokealisi |
Date Deposited: | 27 Jan 2022 17:18 |
Last Modified: | 27 Jan 2022 17:18 |
URI: | http://eprints.covenantuniversity.edu.ng/id/eprint/15589 |
Actions (login required)
View Item |