Title: | Machine Learning Techniques to Detect Known and Novel Cyber-attacks |
Author(s): | Monshizadeh, Mehrnoosh |
Date: | 2023 |
Language: | en |
Pages: | 92 + app. 94 |
Department: | Tietoliikenne- ja tietoverkkotekniikan laitos Department of Communications and Networking |
ISBN: | 978-952-64-1175-0 (electronic) 978-952-64-1174-3 (printed) |
Series: | Aalto University publication series DOCTORAL THESES, 31/2023 |
ISSN: | 1799-4942 (electronic) 1799-4934 (printed) 1799-4934 (ISSN-L) |
Supervising professor(s): | Kantola, Raimo, Prof., Aalto University, Department of Communications and Networking, Finland |
Thesis advisor(s): | Yan, Zheng, Prof., Xi'dian University, China |
Subject: | Communication |
Keywords: | machine learning, intrusion detection, overfitting, cyber-security, cyber-attack |
Archive: | yes |
Abstract: Intrusion detection systems are considered well-known tools for monitoring and detecting malicious traffic in communication networks. However, traditional intrusion detection systems rely on known signatures and lack the ability to detect novel attacks. Therefore, machine learning techniques are introduced to complement intrusion detection, to dynamically identify the relevant data of interest and to intelligently find security threats. However, obtaining reliable datasets with appropriate characteristics to train the algorithms in machine learning based intrusion detection systems is a major challenge. Due to the lack of labelled datasets, machine learning based intrusion detection systems suffer from the overfitting problem, which makes them inefficient for real-time intrusion detection. Furthermore, in real-life scenarios, a considerable amount of incoming data does not belong to any known category, and for unknown traffic, dividing data into classes without information on the nature of the traffic is challenging. In addition, annotating a large dataset is very costly, and hence in practice only a few examples can be labelled manually. On the other hand, 5G+ and 6G networks are expected to deliver massive connectivity to numerous IoT/IoE devices, where a huge amount of data needs to be analyzed by artificial intelligence enabled mechanisms. Consequently, a mature and scalable architecture must be considered a mandatory objective in machine learning based intrusion detection systems.
This thesis explores machine learning techniques to handle the mentioned issues in the cyber-security domain. The thesis proposes an intelligent, modular, robust and scalable security solution to dynamically detect known and unknown cyber-attacks targeting mobile networks.
This project takes intrusion detection to the next level with a hybrid machine learning based mechanism, namely the Hybrid Anomaly Detection Model, which employs a protocol analyzer and various supervised and unsupervised techniques to filter network traffic and identify malicious activities in high-load communication networks. The protocol analyzer classifies and filters vulnerable protocols to avoid unnecessary computation load, the classifiers detect known cyber-attacks, and the clustering algorithms use these attributes and features to detect novel attacks.
Description: The author has not given permission for Aaltodoc publishing.
Parts:
[Publication 1]: M. Monshizadeh, V. Khatri and R. Kantola, “An adaptive detection and prevention architecture for unsafe traffic in SDN enabled mobile networks”, in 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), pp. 883-884, 2017. DOI: 10.23919/INM.2017.7987395
[Publication 2]: M. Monshizadeh, V. Khatri, R. Kantola and Z. Yan, “An Orchestrated Security Platform for Internet of Robots”, in Green, Pervasive, and Cloud Computing (GPC), pp. 298-312, 2017. DOI: 10.1007/978-3-319-57186-7_23
[Publication 3]: M. Monshizadeh, V. Khatri, B. G. Atli and R. Kantola, “An Intelligent Defense and Filtration Platform for Network Traffic”, in Wired/Wireless Internet Communications (WWIC), pp. 107-118, 2018. DOI: 10.1007/978-3-030-02931-9_9
[Publication 4]: M. Monshizadeh, V. Khatri, B. G. Atli, R. Kantola and Z. Yan, “Performance Evaluation of a Combined Anomaly Detection Platform”, in IEEE Access, vol. 7, pp. 100964-100978, 2019. Full text in Acris/Aaltodoc: http://urn.fi/URN:NBN:fi:aalto-201909035189. DOI: 10.1109/ACCESS.2019.2930832
[Publication 5]: M. Monshizadeh, V. Khatri, M. Gamdou, R. Kantola and Z. Yan, “Improving Data Generalization With Variational Autoencoders for Network Traffic Anomaly Detection”, in IEEE Access, vol. 9, pp. 56893-56907, 2021. http://urn.fi/URN:NBN:fi:aalto-202104286382. DOI: 10.1109/ACCESS.2021.3072126
[Publication 6]: M. Monshizadeh, V. Khatri, R. Kantola and Z. Yan, “A Deep Density Based and Self-determining Clustering Approach to Label Unknown Traffic”, in Journal of Network and Computer Applications, vol. 207, 2022. Full text in Acris/Aaltodoc: http://urn.fi/URN:NBN:fi:aalto-202210195981. DOI: 10.1016/j.jnca.2022.103513
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.