Please use this identifier to cite or link to this item:
http://repository.aaup.edu/jspui/handle/123456789/2368
Title: | Flood Attack Detection System with IAT As Main Feature Using Machine Learning رسالة ماجستير |
Other Titles: | نظام كشف التسلل للبيئة السحابية باستخدام خوارزميات تعلم الآلة. |
Authors: | خليل, نعمة محمد لطفي$AAUP$Palestinian |
Keywords: | Mininet, Dos Flooding, Inter arrival time, Random Forest algorithm |
Issue Date: | 2024 |
Publisher: | AAUP |
Abstract: | According to the explosion of Cloud Computing domain, Network Intrusion Detection systems or IDSs, also Arbor adaptive DDoS devices are essential for cyber security. When it comes to the feature phase, the network traffic could contain a range of components, including host information, malicious scripts, attack subcategories, and reference attack types (Seo, 2020), When compared to regular traffic, In terms of network phase, there may be an unequal distribution of destructive attacks in network traffic. Regarding cybersecurity, the impact of DoS attacks on the CIA triad is crucial to consider. Attacks that cause a denial of service, by their nature, poses a significant threat to the Availability aspect of the triad. These attacks aim to overwhelm and exhaust the resources of a network or system, calling it unavailable to legitimate users, these attacks may have serious effects. leading to service disruptions, downtime, and potential financial losses. Therefore, as we explore and evaluate various intrusion detection methods, understanding and mitigating the impact of DoS attacks on the availability of network resources becomes paramount in addition to trying to act as fast as possible to network threats, an automatic detection system is needed. Network administrators have less time to modify their detection and repairs systems and update their signatures when an attack is discovered later. VI It is challenging to identify different types of DoS attacks passing through encrypted network channels due to complex features and the similarity between many types of DoS. This thesis aims to address the behavior of DOS attacks based on the interval time between packets in the network environment, by creating a Simulink environment and evaluate the behaviors of various types of DoS attacks to meet the requirements of a good IDS. To make the following experiments, First, we set up a Simulink cloud environment using the Mininet platform and create different types of Dos attack, second capture the network traffic and calculate statistical features, Interval between arrivals of typical network traffic and Dos traffic, third we apply Hypered RNN+ LSTM, DNN+ LSTM, Random Forest and some traditional algorithms as SVM (Support vector machine), LG (Logistic Regression) over the created dataset and evaluated to address high score metrics, forth the synthetic minority oversampling technique (SMOTE) is implemented in the dataset to fix the imbalance dataset issue, Finally, compare the evaluation results |
Description: | Master`s degree in Cyber Security |
URI: | http://repository.aaup.edu/jspui/handle/123456789/2368 |
Appears in Collections: | Master Theses and Ph.D. Dissertations |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
نعمة خليل.pdf | 2.68 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
Admin Tools