Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Open Access Guideline
Open Access Guideline
Postgraduate Thesis Guideline
Postgraduate Thesis Guideline
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
Anomaly-based cyber intrusion detection system with ensemble classifier
Download
index.pdf
Date
2018
Author
Sarıkaya, Alper
Metadata
Show full item record
Item Usage Stats
247
views
119
downloads
Cite This
Nowadays, cyberattacks are occurring progressively. Along with this, diversity, size and density of the cyberattacks are increasing. When the logs of security devices are analyzed, massive amounts of attack signs are detained. Besides, it is also difficult for humans to evaluate the logs accurately. Therefore, the identification of key data, which can be used to distinguish an attack from this very large data set, is important for both rapid detection of attacks and rapid response of security devices. This study focuses on selection of appropriate features from logs via machine learning and determining the distinctive attributes specific to an attack in the selection of these data. Based on the selected features, a classification methodology is proposed. As a result, 80.20% overall accuracy has been achieved using the proposed model with 19 features. Moreover, a better detection rate on DoS and Exploit classes has been obtained.
Subject Keywords
Computer security.
,
Database security.
,
Computer networks
,
Intrusion detection systems (Computer security).
URI
http://etd.lib.metu.edu.tr/upload/12622616/index.pdf
https://hdl.handle.net/11511/27640
Collections
Graduate School of Informatics, Thesis
Suggestions
OpenMETU
Core
Architectural design of an access control system for enterprise networks
Kirimer, Burak; Özgit, Attila (2007-11-09)
Client computers in enterprise networks have the potential to be the source of serious security problems, especially when their hardware and software components are out of physical administrative control. Besides, services in the network may have client configuration requirements. We propose a system composed of a policy management and enforcement server and client agents, which authenticates the client users and checks their computer configurations before allowing their access to services. The information ...
Design and implementation of a monitoring framework
Kuz, Kadir; Doğru, Ali Hikmet; Department of Computer Engineering (2009)
In this thesis work, the symptoms in Windows XP operating system for fault monitoring are investigated and a fault monitoring library is developed. A test GUI is implemented to examine this library. Performance tests including memory and CPU usage are done to see its overhead to the system and platform tests on the current version of Windows operating system series (Windows Vista) are done to see for compatibility. In this thesis, fault monitor-fault detector interface is also defined and implemented. To mo...
ZEKI: unsupervised zero-day exploit kit intelligence
Suren, Emre (The Scientific and Technological Research Council of Turkey, 2020-01-01)
Over the last few years, exploit kits (EKs) have become the de facto medium for large-scale spread of malware. Drive-by download is the leading method that is widely used by EK flavors to exploit web-based client-side vulnerabilities. Their principal goal is to infect the victim's system with a malware. In addition, EK families evolve quickly, where they port zero-day exploits for brand new vulnerabilities that were never seen before and for which no patch exists. In this paper, we propose a novel approach ...
A Class-Specific Intrusion Detection Model: Hierarchical Multi-class IDS Model
Sarıkaya, Alper; Günel Kılıç, Banu (2020-06-01)
Nowadays, cyberattacks are occurring continuously. There are many kinds of attack types, which are malicious and harmful for our networks, resources and privacy. Along with this, diversity, size and density of the cyberattacks are increasing. Therefore, strong and solid detection mechanisms are required to prevent the cyberattacks. Previously, many intrusion detection mechanisms are proposed, but many of them are suffered to detect some attack classes. In this paper, an up-to-date and realistic dataset call...
A Deep reinforcement learning approach to network intrusion detection
Gülmez, Halim Görkem; Angın, Pelin; Department of Computer Engineering (2019)
Intrusion detection is one of the most important problems in today’s world. Every daynew attacks are being used in order to breach the security of systems and signature-based security systems fail to detect these zero-day attacks. An anomaly-basedintrusion detection system, particularly one that utilizes a machine learning approach,is needed to effectively handle these kinds of attacks. With the advancements in bigdata technologies, storing and handling data became easier, therefore big dataanalytics has be...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
A. Sarıkaya, “Anomaly-based cyber intrusion detection system with ensemble classifier,” M.S. - Master of Science, Middle East Technical University, 2018.
