Ensemble of classifiers for detection of advanced persistent threat
The demand for application of technology in almost all walks of life is in the increase and can be seen to be geared by the paradigm changes in industrial revolutions (current 4.0), IoT/IoE (Internet of Things/Internet of Everything) concept, Internet 2.0, Artificial Intelligence (AI), BYOD (Bring Y...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2019
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/96365/1/OkwaraJerryChizobaMSC2019.pdf.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utm-ep.96365 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-utm-ep.963652022-07-18T10:03:27Z Ensemble of classifiers for detection of advanced persistent threat 2019 Chizoba, Okwara Jerry QA75 Electronic computers. Computer science The demand for application of technology in almost all walks of life is in the increase and can be seen to be geared by the paradigm changes in industrial revolutions (current 4.0), IoT/IoE (Internet of Things/Internet of Everything) concept, Internet 2.0, Artificial Intelligence (AI), BYOD (Bring Your Own Device) to mention a few but not without their increased inherent vulnerabilities and exposure to sophisticated and dynamic awaiting threats. Advanced Persistent Threats (APTs) among other malwares are some of the malicious attacks given serious attention as they have shown some level of complexities thereby causing defender solutions to poorly detect them. Poor APT attack tactics understanding, insufficient network traffic log analysis and poor classification are some of the problems identified for poor detection of these attacks. Network traffic logs are used by researchers to analyse the network and track attacks as packets move across network nodes. This research studies attack modelling in order to understand APT attack tactics and generate their dataset through simulation as well as a real dataset for normal operation. The experiment will be simulated on a virtual environment using dimensionality reduction technique on the network traffic log for improved log processing. To improve the APT detection accuracy flawed by their stealthiness, the ensemble of classifiers (Support Vector Machine, Random Forest, Decision Tree) with majority voting is used for better attack classification which resultantly gives a better detection accuracy of 90.47%. 2019 Thesis http://eprints.utm.my/id/eprint/96365/ http://eprints.utm.my/id/eprint/96365/1/OkwaraJerryChizobaMSC2019.pdf.pdf application/pdf en public http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:143197 masters Universiti Teknologi Malaysia Faculty of Engineering - School of Computing |
| institution |
Universiti Teknologi Malaysia |
| collection |
UTM Institutional Repository |
| language |
English |
| topic |
QA75 Electronic computers Computer science |
| spellingShingle |
QA75 Electronic computers Computer science Chizoba, Okwara Jerry Ensemble of classifiers for detection of advanced persistent threat |
| description |
The demand for application of technology in almost all walks of life is in the increase and can be seen to be geared by the paradigm changes in industrial revolutions (current 4.0), IoT/IoE (Internet of Things/Internet of Everything) concept, Internet 2.0, Artificial Intelligence (AI), BYOD (Bring Your Own Device) to mention a few but not without their increased inherent vulnerabilities and exposure to sophisticated and dynamic awaiting threats. Advanced Persistent Threats (APTs) among other malwares are some of the malicious attacks given serious attention as they have shown some level of complexities thereby causing defender solutions to poorly detect them. Poor APT attack tactics understanding, insufficient network traffic log analysis and poor classification are some of the problems identified for poor detection of these attacks. Network traffic logs are used by researchers to analyse the network and track attacks as packets move across network nodes. This research studies attack modelling in order to understand APT attack tactics and generate their dataset through simulation as well as a real dataset for normal operation. The experiment will be simulated on a virtual environment using dimensionality reduction technique on the network traffic log for improved log processing. To improve the APT detection accuracy flawed by their stealthiness, the ensemble of classifiers (Support Vector Machine, Random Forest, Decision Tree) with majority voting is used for better attack classification which resultantly gives a better detection accuracy of 90.47%. |
| format |
Thesis |
| qualification_level |
Master's degree |
| author |
Chizoba, Okwara Jerry |
| author_facet |
Chizoba, Okwara Jerry |
| author_sort |
Chizoba, Okwara Jerry |
| title |
Ensemble of classifiers for detection of advanced persistent threat |
| title_short |
Ensemble of classifiers for detection of advanced persistent threat |
| title_full |
Ensemble of classifiers for detection of advanced persistent threat |
| title_fullStr |
Ensemble of classifiers for detection of advanced persistent threat |
| title_full_unstemmed |
Ensemble of classifiers for detection of advanced persistent threat |
| title_sort |
ensemble of classifiers for detection of advanced persistent threat |
| granting_institution |
Universiti Teknologi Malaysia |
| granting_department |
Faculty of Engineering - School of Computing |
| publishDate |
2019 |
| url |
http://eprints.utm.my/id/eprint/96365/1/OkwaraJerryChizobaMSC2019.pdf.pdf |
| _version_ |
1747818661211537408 |