- Title
- NETWORK INTRUSION DETECTION AND DEEP LEARNING MECHANISMS.
- Creator
- Chatterjee, Suvosree, Cardei, Ionut, Florida Atlantic University, Department of Computer and Electrical Engineering and Computer Science, College of Engineering and Computer Science
- Abstract/Description
- Cyber attack is a strong threat to the digital world. So, it’s very essential to keep the network safe. A Network Intrusion Detection System is the system to address this problem. A Network Intrusion Detection System functions like a firewall, and monitors incoming and outgoing traffic like an ingress and egress filtering firewall. A Network Intrusion Detection System does anomaly and hybrid detection for detecting known and unknown attacks. My thesis discusses the several network cyber attacks we face nowadays, and I created several deep learning models to detect them accurately. I used the NSL-KDD dataset, which is a popular dataset that contains several network attacks. After experimenting with different deep learning models I found some disparities in the training accuracy and validation accuracy, which is a clear indication of overfitting. To reduce the overfitting I introduced regularization and dropout in the models and experimented with different hyperparameters.
- Date Issued
- 2023
- PURL
- http://purl.flvc.org/fau/fd/FA00014128
- Subject Headings
- Deep learning (Machine learning), Cyberterrorism, Intrusion detection systems (Computer security)
- Format
- Document (PDF)
- Title
- ENHANCING IOT DEVICES SECURITY: ENSEMBLE LEARNING WITH CLASSICAL APPROACHES FOR INTRUSION DETECTION SYSTEM.
- Creator
- Alotaibi, Yazeed, Ilyas, Mohammad, Florida Atlantic University, Department of Computer and Electrical Engineering and Computer Science, College of Engineering and Computer Science
- Abstract/Description
- The Internet of Things (IoT) refers to a network of interconnected nodes constantly engaged in communication, data exchange, and the utilization of various network protocols. Previous research has demonstrated that IoT devices are highly susceptible to cyber-attacks, posing a significant threat to data security. This vulnerability is primarily attributed to their susceptibility to exploitation and their resource constraints. To counter these threats, Intrusion Detection Systems (IDS) are employed. This study aims to contribute to the field by enhancing IDS detection efficiency through the integration of Ensemble Learning (EL) methods with traditional Machine Learning (ML) and deep learning (DL) models. To bolster IDS performance, we initially utilize a binary ML classification approach to classify IoT network traffic as either normal or abnormal, employing EL methods such as Stacking and Voting. Once this binary ML model exhibits high detection rates, we extend our approach by incorporating an ML multi-class framework to classify attack types. This further enhances IDS performance by implementing the same Ensemble Learning methods. Additionally, for further enhancement and evaluation of the intrusion detection system, we employ DL methods, leveraging deep learning techniques, ensemble feature selections, and ensemble methods. Our DL approach is designed to classify IoT network traffic. This comprehensive approach encompasses various supervised ML and DL algorithms with ensemble methods. The proposed models are trained on TON-IoT network traffic datasets. The ensemble approaches are evaluated using comprehensive metrics and compared for their effectiveness in addressing these classification tasks. The ensemble classifiers achieved higher accuracy rates compared to individual models, a result attributed to the diversity of learning mechanisms and strengths harnessed through ensemble learning. By combining these strategies, we successfully improved prediction accuracy while minimizing classification errors. The outcomes of these methodologies underscore their potential to significantly enhance the effectiveness of the Intrusion Detection System.
- Date Issued
- 2023
- PURL
- http://purl.flvc.org/fau/fd/FA00014304
- Subject Headings
- Internet of things, Intrusion detection systems (Computer security), Machine learning
- Format
- Document (PDF)
- Title
- DATA COLLECTION FRAMEWORK AND MACHINE LEARNING ALGORITHMS FOR THE ANALYSIS OF CYBER SECURITY ATTACKS.
- Creator
- Calvert, Chad, Khoshgoftaar, Taghi M., Florida Atlantic University, College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
- Abstract/Description
- The integrity of network communications is constantly being challenged by more sophisticated intrusion techniques. Attackers are shifting to stealthier and more complex forms of attacks in an attempt to bypass known mitigation strategies. Also, many detection methods for popular network attacks have been developed using outdated or non-representative attack data. To effectively develop modern detection methodologies, there exists a need to acquire data that can fully encompass the behaviors of persistent and emerging threats. When collecting modern day network traffic for intrusion detection, substantial amounts of traffic can be collected, much of which consists of relatively few attack instances as compared to normal traffic. This skewed distribution between normal and attack data can lead to high levels of class imbalance. Machine learning techniques can be used to aid in attack detection, but large levels of imbalance between normal (majority) and attack (minority) instances can lead to inaccurate detection results.
- Date Issued
- 2019
- PURL
- http://purl.flvc.org/fau/fd/FA00013289
- Subject Headings
- Machine learning, Algorithms, Anomaly detection (Computer security), Intrusion detection systems (Computer security), Big data
- Format
- Document (PDF)
- Title
- MACHINE LEARNING ALGORITHMS FOR PREDICTING BOTNET ATTACKS IN IOT NETWORKS.
- Creator
- Leevy, Joffrey, Khoshgoftaar, Taghi M., Florida Atlantic University, Department of Computer and Electrical Engineering and Computer Science, College of Engineering and Computer Science
- Abstract/Description
- The proliferation of Internet of Things (IoT) devices in various networks is being matched by an increase in related cybersecurity risks. To help counter these risks, big datasets such as Bot-IoT were designed to train machine learning algorithms on network-based intrusion detection for IoT devices. From a binary classification perspective, there is a high-class imbalance in Bot-IoT between each of the attack categories and the normal category, and also between the combined attack categories and the normal category. Within the scope of predicting botnet attacks in IoT networks, this dissertation demonstrates the usefulness and efficiency of novel machine learning methods, such as an easy-to-classify method and a unique set of ensemble feature selection techniques. The focus of this work is on the full Bot-IoT dataset, as well as each of the four attack categories of Bot-IoT, namely, Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), Reconnaissance, and Information Theft. Since resources and services become inaccessible during DoS and DDoS attacks, this interruption is costly to an organization in terms of both time and money. Reconnaissance attacks often signify the first stage of a cyberattack and preventing them from occurring usually means the end of the intended cyberattack. Information Theft attacks not only erode consumer confidence but may also compromise intellectual property and national security. For the DoS experiment, the ensemble feature selection approach led to the best performance, while for the DDoS experiment, the full set of Bot-IoT features resulted in the best performance. Regarding the Reconnaissance experiment, the ensemble feature selection approach effected the best performance. In relation to the Information Theft experiment, the ensemble feature selection techniques did not affect performance, positively or negatively. However, the ensemble feature selection approach is recommended for this experiment because feature reduction eases computational burden and may provide clarity through improved data visualization. For the full Bot-IoT big dataset, an explainable machine learning approach was taken using the Decision Tree classifier. An easy-to-learn Decision Tree model for predicting attacks was obtained with only three features, which is a significant result for big data.
- Date Issued
- 2022
- PURL
- http://purl.flvc.org/fau/fd/FA00013933
- Subject Headings
- Machine learning, Internet of things--Security measures, Big data, Intrusion detection systems (Computer security)
- Format
- Document (PDF)
- Title
- AN EFFECTIVE ENSEMBLE LEARNING-BASED REAL-TIME INTRUSION DETECTION SCHEME FOR IN-VEHICLE NETWORK.
- Creator
- Alalwany, Easa, Mahgoub, Imadeldin, Florida Atlantic University, Department of Computer and Electrical Engineering and Computer Science, College of Engineering and Computer Science
- Abstract/Description
- Connectivity and automation have expanded with the development of autonomous vehicle technology. One of several automotive serial protocols that can be used in a wide range of vehicles is the controller area network (CAN). The growing functionality and connectivity of modern vehicles make them more vulnerable to cyberattacks aimed at vehicular networks. The CAN bus protocol is vulnerable to numerous attacks as it lacks security mechanisms by design. It is crucial to design intrusion detection systems (IDS) with high accuracy to detect attacks on the CAN bus. In this dissertation, to address all these concerns, we design an effective machine learning-based IDS scheme for binary classification that utilizes eight supervised ML algorithms, along with ensemble classifiers, to detect normal and abnormal activities in the CAN bus. Moreover, we design an effective ensemble learning-based IDS scheme for detecting and classifying DoS, fuzzing, replay, and spoofing attacks. These are common CAN bus attacks that can threaten the safety of a vehicle’s driver, passengers, and pedestrians. For this purpose, we utilize supervised machine learning in combination with ensemble methods. Ensemble learning aims to achieve better classification results through the use of different classifiers that are combined into a single classifier. Furthermore, in the pursuit of real-time attack detection and classification, we use the Kappa architecture for efficient data processing, enhancing the IDS’s accuracy and effectiveness. We build this system using the most recent CAN intrusion dataset provided by the IEEE DataPort. We carried out the performance evaluation of the proposed system in terms of accuracy, precision, recall, F1-score, and area under curve receiver operator characteristic (ROC-AUC). For the binary classification, the ensemble classifiers outperformed the individual supervised ML classifiers and improved the effectiveness of the classifier. For detecting and classifying CAN bus attacks, the ensemble learning methods resulted in a robust and accurate multiclassification IDS for common CAN bus attacks. The stacking ensemble method outperformed other recently proposed methods, achieving the highest performance. For the real-time attack detection and classification, the ensemble methods significantly enhance the accuracy of the real-time CAN bus attack detection and classification. By combining the strengths of multiple models, the stacking ensemble technique outperformed individual supervised models and other ensembles.
- Date Issued
- 2023
- PURL
- http://purl.flvc.org/fau/fd/FA00014298
- Subject Headings
- Automated vehicles, Controller Area Network (Computer network), Intrusion detection systems (Computer security)
- Format
- Document (PDF)