An Online Anomaly-Detection Neural Networks-based Clustering for Adaptive Intrusion Detection Systems

dc.contributorAalto-yliopistofi
dc.contributorAalto Universityen
dc.contributor.advisorMiche, Yoan
dc.contributor.authorRoshan Kokabha, Setareh
dc.contributor.schoolSähkötekniikan korkeakoulufi
dc.contributor.supervisorAsokan, N
dc.date.accessioned2016-03-29T11:01:15Z
dc.date.available2016-03-29T11:01:15Z
dc.date.issued2016-02-15
dc.description.abstractIn the evolving nature of today’s world of network security, threats have become more and more sophisticated. Although different security solutions such as firewalls and antivirus software have been deployed to protect systems, external attackers are still capable of intruding into computer networks. This is where intrusion detection systems come into play as an additional security layer. Despite the large volume of research conducted in the field of intrusion detection, finding a perfect solution of intrusion detection systems for critical applications is still a major challenge. This is mainly due to the continuous emergence of security threats which can bypass the outdated intrusion detection systems. The main objective of this thesis is to propose an adaptive design of intrusion detection systems which offers the capability of detecting known and novel attacks and being updated according to new trends of data patterns provided by security experts in a cost-effective manner. The proposed intrusion detection system uses an anomaly-based technique and is constructed on the basis of Extreme Learning Machine method which is a variant of neural networks. In this work, two novel approaches are also proposed to enhance the speed of partial updates for the learning model according to new information fed into the system. The performance of the proposed intrusion detection system is evaluated as a network-based solution using NSL-KDD data set. The evaluation results indicate that the system provides an average detection rate of 81 % while having a false positive rate of 3 % in detecting known and novel attacks. In addition, the obtained results show that the system is capable of adapting to the new input information and data injected into the system by a human security expert.en
dc.format.extent67+8
dc.format.mimetypeapplication/pdfen
dc.identifier.urihttps://aaltodoc.aalto.fi/handle/123456789/19893
dc.identifier.urnURN:NBN:fi:aalto-201603291516
dc.language.isoenen
dc.locationP1fi
dc.programmeTLT - Master’s Programme in Communications Engineering (TS2005)fi
dc.programme.majorNetworking Technologyfi
dc.programme.mcodeS3029fi
dc.rights.accesslevelopenAccess
dc.subject.keywordintrusion detection systemen
dc.subject.keywordanomaly detectionen
dc.subject.keywordclusteringen
dc.subject.keywordELMen
dc.subject.keywordneural networksen
dc.titleAn Online Anomaly-Detection Neural Networks-based Clustering for Adaptive Intrusion Detection Systemsen
dc.typeG2 Pro gradu, diplomityöen
dc.type.okmG2 Pro gradu, diplomityö
dc.type.ontasotMaster's thesisen
dc.type.ontasotDiplomityöfi
dc.type.publicationmasterThesis
local.aalto.idinssi53328
local.aalto.openaccessyes
Files
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
master_Roshan_Kokabha_Setareh_2016.pdf
Size:
1.31 MB
Format:
Adobe Portable Document Format