Kültür, Ebru
With the rapid growth of the information technology in several areas, providing security of those systems has gained more importance. As a result of this development in information technology, the complexity of cyber-attacks has also significantly increased. Therefore, traditional security tools such as Signature-based Intrusion Detection Systems (SIDS) have become insufficient for detecting new attacks. Intrusion Detection Systems (IDS) are used to monitor network traffic and capture malicious traffic. Traditional IDS are signature-based, meaning that they are capable of taking action against known threats using only predefined or custom rule sets. Traditional IDS fail to detect such attacks if unknown attacks or modified known attacks which does not correspond to the static signature occur. New behavior-based anomalous activity detection approaches, such as deep learning, can offer a solution together with signature-based IDS in order to increase the performance of detecting new types of attacks and reduce the FP (false positive) and FN (false negative) rates. Since deep learning algorithms can learn from data and patterns, it will be possible to increase the detection rate of real malicious activities by estimating which traffic is normal or attack traffic. At the same time, they are capable of automating the detection process without the need for manual configuration in order to reduce false alarms. In this thesis, we aim to investigate the efficiency of applying deep learning approaches by focusing on recurrent neural network architectures for network flow-based intrusion detection.


Colour coding based novel data representation and lightweight convolutional neural network architecture for hierarchical anomaly detection on ehealth applications
Yatbaz, Hakan Yekta; Ever, Enver; Computer Engineering (2020-10)
eHealth is on its way to become an essential industry due to the advancements in information technology. Human activity recognition (HAR) is one of the most popular areas within the scope of eHealth, particularly with applications in anomaly detection. Although there are various studies on HAR, most of them propose complex models that are not compatible with portable devices and wearables due to their restricted computing capabilities. In this thesis, new data representation is presented along with a lightw...
Network intrusion detection system with incremental active learning
Bedir Tüzün, Münteha Nur; Angın, Pelin; Department of Computer Engineering (2022-9-14)
While Internet usage has increased every year, it has gained momentum in recent years with the global pandemic. Increasing Internet usage has brought increasing cyber threats. Intrusion detection systems have become more important than ever. The performance of these systems is directly proportional to their adaptiveness to the rapid changes in attack types. However, desired performance cannot always be achieved due to the lack of labeled data on newly developed attacks and the difficulty of incremental lear...
Explainable Security in SDN-Based IoT Networks
Sarica, Alper Kaan; Angın, Pelin (2020-12-01)
The significant advances in wireless networks in the past decade have made a variety of Internet of Things (IoT) use cases possible, greatly facilitating many operations in our daily lives. IoT is only expected to grow with 5G and beyond networks, which will primarily rely on software-defined networking (SDN) and network functions virtualization for achieving the promised quality of service. The prevalence of IoT and the large attack surface that it has created calls for SDN-based intelligent security solut...
Technology foresight and modeling: Turkish cybersecurity foresight 2040
Çifci, Hasan; Çakır, Serhat; Department of Science and Technology Policy Studies (2019)
Foresight is a systematic and multidisciplinary process with proper methodology combinations for identifying technological, economic and social areas to prioritize investments and research to realize medium or long-term future strategies by using various resources from organizational to international level. Cybersecurity is the protection of cyber systems from cyber-attacks and providing integrity, confidentiality, and availability of those systems. In this thesis, information about technology foresight and...
Multi-task Deep Neural Networks in Protein Function Prediction
Rifaioğlu, Ahmet Süreyya; Doğan, Tunca; Martin, Maria Jesus; Atalay, Rengül; Atalay, Mehmet Volkan (2017-05-01)
In recent years, deep learning algorithms have outperformed the state-of-the art methods in several areas thanks to the efficient methods for training and for preventing overfitting, advancement in computer hardware, the availability of vast amount data. The high performance of multi-task deep neural networks in drug discovery has attracted the attention to deep learning algorithms in bioinformatics area. Here, we proposed a hierarchical multi-task deep neural network architecture based on Gene Ontology (GO...
Citation Formats
E. Kültür, “NETWORK INTRUSION DETECTION WITH A DEEP LEARNING APPROACH,” M.S. - Master of Science, Middle East Technical University, 2022.