Ensemble of classifiers for detection of advanced persistent threat

Bibliographic Details
Main Author: Chizoba, Okwara Jerry
Format: Thesis
Language:English
Published: 2019
Subjects: QA75 Electronic computers. Computer science
Online Access:http://eprints.utm.my/id/eprint/96365/1/OkwaraJerryChizobaMSC2019.pdf.pdf
Description: The demand for the application of technology in almost all walks of life is on the increase and can be seen to be driven by paradigm changes such as the industrial revolutions (currently 4.0), the IoT/IoE (Internet of Things/Internet of Everything) concept, Internet 2.0, Artificial Intelligence (AI) and BYOD (Bring Your Own Device), to mention a few, but not without their increased inherent vulnerabilities and exposure to sophisticated and dynamic threats lying in wait. Advanced Persistent Threats (APTs), among other malware, are some of the malicious attacks given serious attention, as they have shown a level of complexity that causes defender solutions to detect them poorly. Poor understanding of APT attack tactics, insufficient network traffic log analysis and poor classification are some of the problems identified as causes of poor detection of these attacks. Network traffic logs are used by researchers to analyse the network and track attacks as packets move across network nodes. This research studies attack modelling in order to understand APT attack tactics and generates an APT dataset through simulation, as well as a real dataset for normal operation. The experiment is simulated in a virtual environment, using a dimensionality reduction technique on the network traffic log for improved log processing. To improve APT detection accuracy, which is hampered by their stealthiness, an ensemble of classifiers (Support Vector Machine, Random Forest, Decision Tree) with majority voting is used for better attack classification, which in turn gives a better detection accuracy of 90.47%.
Qualification Level: Master's degree
Granting Institution: Universiti Teknologi Malaysia
Granting Department: Faculty of Engineering - School of Computing
Collection: UTM Institutional Repository
Repository Record: http://eprints.utm.my/id/eprint/96365/
Alternate Access: http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:143197
Record Last Updated: 2022-07-18