Title : |
Classification of Cyberattacks Using Machine Learning Systems |
Document type : |
printed text |
Authors : |
Chaima Benaissa, Author ; Abir Bennouioua ; Yasmine Harbi, Thesis supervisor |
Publisher : |
Setif:UFA |
Publication year : |
2024 |
Extent : |
1 vol (56 f.) |
Format : |
29 cm |
Languages : |
English (eng) |
Categories : |
Theses & Dissertations:Computer Science
|
Keywords : |
Internet of Things (IoT)
Intrusion Detection System (IDS)
Convolutional Neural Networks (CNNs) |
Decimal index : |
004 - Computer Science |
Abstract : |
Cyber security in the age of the Internet of Things (IoT) is a significant concern due
to the widespread use of internet-connected devices and the immense volume of data
they generate. Unfortunately, this heightened connectivity has attracted the attention
of cybercriminals, who target IoT networks for malicious activities. Consequently,
security and privacy issues have become the primary obstacles to the widespread adoption
of IoT technology. While it’s impossible to entirely prevent attacks on any system,
timely detection of such attacks is crucial for effectively safeguarding IoT systems. To
address these challenges, we design an Intrusion Detection System (IDS) based on
Machine Learning and Deep Learning models to identify abnormal data patterns and
learn to anticipate potential network breaches. Our approach utilizes feature selection
techniques like Random Forest (RF) and Principal Component Analysis (PCA)
to eliminate irrelevant features and reduce detection time. In addition, it employs
Convolutional Neural Networks (CNNs) for binary and multiclass classifications using
the CICIoT-2023 and Edge-IIoTset. Evaluation of the models is based on key metrics
such as accuracy, recall, precision, False Positive Rate (FPR), and detection time.
The results confirm that our proposed intrusion detection system effectively identifies
real-world intrusions, demonstrating its potential as a robust security solution for IoT
systems. |
Contents note : |
Contents
Table of Contents
List of Figures
List of Tables
Table of Abbreviations
General Introduction
1 State-of-the-art
1.1 Introduction
1.2 Cyber Security and Cyberattacks
1.2.1 Cyber Security Objectives
1.2.2 Cyber Security Framework
1.2.3 Cyber Security Domains
1.2.4 Cyberattacks Definition
1.2.5 Cyber Security Tools
1.3 Intrusion Detection System (IDS)
1.3.1 IDS Types
1.3.2 IDS Methods
1.3.3 Machine Learning-based IDS
1.3.4 IDS Datasets
1.3.5 ML-based IDS Challenges
1.4 Related Work
1.5 Conclusion
2 Contribution
2.1 Introduction
2.2 Problem Statement, Objectives, and Hypothesis
2.3 Proposed Intrusion Detection System
2.3.1 Dataset Description
2.3.2 Dataset Preprocessing
2.3.3 Feature Selection
2.3.4 Attack Classification
2.4 Conclusion
3 Experiments and Results
3.1 Introduction
3.2 Hardware and Software Environments
3.2.1 Parameter Setting
3.2.2 Evaluation Metrics
3.3 Results and Discussions
3.3.1 Results of Data Balancing
3.3.2 Results of Feature Selection
3.3.3 Comparison to Related Works
3.4 Conclusion
General Conclusion
Bibliography |
Call number : |
MAI/0900 |
Classification of Cyberattacks Using Machine Learning Systems [printed text] / Chaima Benaissa, Author ; Abir Bennouioua ; Yasmine Harbi, Thesis supervisor . - [S.l.] : Setif:UFA, 2024 . - 1 vol (56 f.) ; 29 cm. Languages : English (eng)