Learning Centre

Anomaly Detection Algorithms and Techniques for Network Intrusion Detection Systems

 |  Login

Show simple item record

dc.contributor Aalto-yliopisto fi
dc.contributor Aalto University en
dc.contributor.advisor Kahles, Julen
dc.contributor.author Mishin, Mikhail
dc.date.accessioned 2020-08-23T17:12:32Z
dc.date.available 2020-08-23T17:12:32Z
dc.date.issued 2020-08-18
dc.identifier.uri https://aaltodoc.aalto.fi/handle/123456789/46076
dc.description.abstract In recent years, many deep learning-based models have been proposed for anomaly detection. This thesis presents a comparison of selected deep autoencoding models and classical anomaly detection methods on three modern network intrusion detection datasets. We experiment with different configurations and architectures of the selected models, as well as aggregation techniques for input preprocessing and output postprocessing. We propose a methodology for creating benchmark datasets for the evaluation of the methods in different settings. We provide a statistical comparison of the performance of the selected techniques. We conclude that the deep autoencoding models, in particular AE and VAE, systematically outperform the classic methods. Furthermore, we show that aggregating input network flow data improves the overall performance. In general, the tested techniques are promising regarding their application in network intrusion detection systems. However, secondary techniques must be employed to reduce the high numbers of generated false alarms. en
dc.format.extent 79+29
dc.format.mimetype application/pdf en
dc.language.iso en en
dc.title Anomaly Detection Algorithms and Techniques for Network Intrusion Detection Systems en
dc.type G2 Pro gradu, diplomityö fi
dc.contributor.school Perustieteiden korkeakoulu fi
dc.subject.keyword anomaly detection en
dc.subject.keyword network intrusion detection en
dc.subject.keyword neural networks en
dc.subject.keyword autoencoders en
dc.subject.keyword network-flow aggregation en
dc.subject.keyword semi-supervised learning en
dc.identifier.urn URN:NBN:fi:aalto-202008235008
dc.programme.major Computer Science fi
dc.programme.mcode SCI3042 fi
dc.type.ontasot Master's thesis en
dc.type.ontasot Diplomityö fi
dc.contributor.supervisor Jung, Alexander
dc.programme Master’s Programme in Computer, Communication and Information Sciences fi
local.aalto.electroniconly yes
local.aalto.openaccess yes

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search archive

Advanced Search

article-iconSubmit a publication