Ara_Lena_Thesis_Submission.pdf (1.88 MB)

Integrate Model and Instance Based Machine Learning for Network Intrusion Detection

Download (1.88 MB)
thesis
posted on 17.01.2019 by Lena Ara
In computer networks, the convenient internet access facilitates internet services, but at the same time also augments the spread of malicious software which could represent an attack or unauthorized access. Thereby, making the intrusion detection an important area to explore for detecting these unwanted activities. This thesis concentrates on combining the Model and Instance Based Machine Learning for detecting intrusions through a series of algorithms starting from clustering the similar hosts.
Similar hosts have been found based on the supervised machine learning techniques like Support Vector Machines, Decision Trees and K Nearest Neighbors using our proposed Data Fusion algorithm. Maximal cliques of Graph Theory has been explored to find the clusters. A recursive way is proposed to merge the decision areas of best features. The idea is to implement a combination of model and instance based machine learning and analyze how it performs as compared to a conventional machine learning algorithm like Random Forest for intrusion detection. The system has been evaluated on three datasets by CTU-13. The results show that our proposed method gives better detection rate as compared to traditional methods which might overfit the data.
The research work done in model merging, instance based learning, random forests, data mining and ensemble learning with regards to intrusion detection have been studied and taken as reference.

Funding

Department Funding

History

Degree Type

Master of Science in Electrical and Computer Engineering

Department

Electrical and Computer Engineering

Campus location

Indianapolis

Advisor/Supervisor/Committee Chair

Xiao Luo

Advisor/Supervisor/Committee co-chair

Brian King

Additional Committee Member 2

Mohamed El Sharkawy

Licence

Exports

Logo branding

Licence

Exports