Title |
Mašininio mokymo metodų taikymas atakoms aptikti naudojant Cisco Netflow tinklo įrašus / |
Translation of Title |
Machine learning based attack detection using Cisco Netflow network records. |
Authors |
Aleksandravičius, Giedrius |
Pages |
73 |
Keywords [eng] |
“Cisco Netflow” network ; classification ; stacked classifier ; anomaly detection ; attack detection |
Abstract [eng] |
Network security is a very important issue these days. Attempts to break into a company's internal networks sometimes go unnoticed, and they can cause losses through system downtime or through an attacker taking control of the computer itself. To prevent these problems, anomaly detection systems are used that detect these attacks and notify the administrator, who takes further action. The aim is to investigate the efficiency of anomaly-based methods for detecting network attacks and to design the most appropriate method for recognizing specific types of attacks from the properties of received Cisco Netflow records. The paper analyzes 9 methods for detecting anomalies. The analysis found that there is no method that uses a small amount of training data. In the design phase described in the work, the requirements for the classifiers were determined and the desired architecture was created; in the implementation phase that followed, a deep learning method was implemented together with a composite classifier. These methods were compared according to the evaluation criteria given in the work. |
Dissertation Institution |
Kauno technologijos universitetas. |
Type |
Master thesis |
Language |
Lithuanian |
Publication date |
2021 |