R
RCAAP - RSS GERAL
Guest
Breve resumo:
Info Adicional:
Autor:
Clica para continuares a ler...
Artificial Intelligence has proven its value in multiple fields. Cybersecurity is one of the critical fields that due to its importance and evolution needs AI to protect the systems against hackers. Intrusion Detection Systems (IDS) play an essential role in the Cybersecurity environment due to their behaviour of detecting intruders in network traffic. Even though it’s not possible to prevent these attacks, it is possible to know that they happened and if so, apply procedures related to each type of incident. The problem to be addressed in this research, the use of AI in IDS, is based on a classification problem that consists of distinguishing between benign traffic and various attack types. AI-based IDS are already in the Cybersecurity market, but researchers affirm that there is more need for research on improvements and challenges related to the IDS. This research contributes with an updated exploratory data analysis of the most recent datasets, a study of feature importance showing that using less than half of the total number of features we can achieve similar performance, with machine learning algorithms, a parallel training of ML algorithms that can speed up execution to more near than half of the sequential time needed, an explainable AI study that shows the impact of each feature to the classification process, and finishes with a proof of concept of an embedded AI-based IDS ready to use with a updated version of the cicflowmeter software and a web interface developed in Python.
Info Adicional:
Artificial Intelligence has proven its value in multiple fields. Cybersecurity is one of the critical fields that due to its importance and evolution needs AI to protect the systems against hackers. Intrusion Detection Systems (IDS) play an essential role in the Cybersecurity environment due to their behaviour of detecting intruders in network traffic. Even though it’s not possible to prevent these attacks, it is possible to know that they happened and if so, apply procedures related to each type of incident. The problem to be addressed in this research, the use of AI in IDS, is based on a classification problem that consists of distinguishing between benign traffic and various attack types. AI-based IDS are already in the Cybersecurity market, but researchers affirm that there is more need for research on improvements and challenges related to the IDS. This research contributes with an updated exploratory data analysis of the most recent datasets, a study of feature importance showing that using less than half of the total number of features we can achieve similar performance, with machine learning algorithms, a parallel training of ML algorithms that can speed up execution to more near than half of the sequential time needed, an explainable AI study that shows the impact of each feature to the classification process, and finishes with a proof of concept of an embedded AI-based IDS ready to use with a updated version of the cicflowmeter software and a web interface developed in Python.
Autor:
Clica para continuares a ler...