Banca de DEFESA: OGOBUCHI DANIEL OKEY

Uma banca de DEFESA de MESTRADO foi cadastrada pelo programa.
DISCENTE: OGOBUCHI DANIEL OKEY
DATA: 05/09/2022
HORA: 09:00
LOCAL: Remoto - Google meeting
TÍTULO:

Multi-Phase Optimized Intrusion Detection System based on Deep Learning Algorithm for Computer Networks 

PALAVRAS-CHAVES:

Machine Learning;  Deep Learning;  Intrusion Detection systems;  Computer Networks; Transfer Learning; Convolutional Neural Networks

PÁGINAS: 153
GRANDE ÁREA: Engenharias
ÁREA: Engenharia Elétrica
SUBÁREA: Telecomunicações
ESPECIALIDADE: Sistemas deTelecomunicações
RESUMO:

Computer networks have revolutionized the entire workspace in recent times, so their potentials and contributions cannot be underestimated. As a result of the immense advantages of computer networks, many organizations and companies depend on them for everyday activities that range from searching for resources to disseminating information. The large dependency on Internet services has faced the challenge of privacy and security. This is due to the fact that individuals with malicious intent devise some strategies to exploit the networks and nodes to steal information thereby causing damage. To this end, several techniques and technologies such as firewalls are being used to deter cyber-attacks from occurring. One challenge with this approach is the issue of False Positives where real information is identified as threats. One way to solve this is the use of an Intrusion Detection System (IDS) that monitors and inspects network activities to detect threats. IDS developed using Machine Learning (ML) and Deep Learning (DL) algorithms have shown prevalence over knowledge-based IDS. In this work, we leverage the capabilities of ML and DL to develop IDS for computer networks. Specifically, two IDS models are developed based on Tabular data and Image data. First, we preprocess the data into a compatible format and handle the imbalance with Synthetic Minority Oversampling TEchinque (SMOTE). On the tabular data, we use One-Dimensional Convolution Neural Network (1D-CNN) and some ML classifiers while Transfer Learning (TL) is used on the image data.  Image data are generated by transforming the sampled dataset into a 64x64x3 RGB image. These images are fed into the CNN, which has an excellent performance in extracting features from images used in the learning process. This ability of CNN to automatically extract relevant features from network traffic is used to classify the traffic into different categories. Five different pre-trained models based on CNN: Visual Geometry Group (VGG16 and VGG19), InceptionV3 (IV3), MobileNetV3Small (MNV3S), and EfficientNetV2B0 (ENV2B0) are used to develop the IDS based on images generated from the dataset and in the end, we develop an optimized Ensemble lightweight Transfer Learning IDS (ELETL-IDS) capable of detecting up to classifying network traffic into its attack type such (DDoS, DoS, Bot, Brute force, Infiltration, PortScan, Heartbleed and Web Attacks). On evaluation, the models show high performance with 1D-CNN reaching a weighted average performance of 99.11\% and ELETL-IDS has 1.0\% performance in classifying each of the classes. We perform model quantization to reduce the model size to about 56\% with a drop of 1.1\% in accuracy, making the IDS models highly efficient and suitable in different areas of application. 

MEMBROS DA BANCA:
Externo à Instituição - DANTE COAQUIRA BEGAZO - USP (Membro)
Presidente - DEMOSTENES ZEGARRA RODRIGUEZ (Membro)
Externo à Instituição - KATIA CILENE NELES DA SILVA - FMF (Suplente)
Externo ao Programa - RENATA LOPES ROSA - DCC/ICET (Membro)
Externo ao Programa - BRUNO DE ABREU SILVA - DCC/ICET (Suplente)