Portal de Programas de Pós-Graduação (UFABC)

SIGAA - Sistema Integrado de Gestão de Atividades Acadêmicas

PPGINF PÓS-GRADUAÇÃO EM ENGENHARIA DA INFORMAÇÃO FUNDAÇÃO UNIVERSIDADE FEDERAL DO ABC Teléfono/Ramal: No informado E-mail: ppg.informacao@ufabc.edu.br http://propg.ufabc.edu.br/ppginfo

Banca de QUALIFICAÇÃO: LUAN GONÇALVES MIRANDA

Uma banca de QUALIFICAÇÃO de MESTRADO foi cadastrada pelo programa.
DISCENTE : LUAN GONÇALVES MIRANDA
DATA : 31/08/2022
HORA: 14:00
LOCAL: https://conferenciaweb.rnp.br/webconf/murilo-13
TÍTULO:

Network anomaly detection using autoencoders

PÁGINAS: 42
GRANDE ÁREA: Engenharias
ÁREA: Engenharia Elétrica
RESUMO:

Currently, digital security can be seen as an important economic area, due to the very high value of information, naming the current era as the "Information Age". As a result, data protection mechanisms such as Intrusion Detection Systems (IDS), responsible for monitoring and inspecting network activities to detect threats, have become essential.

A classic IDS is based on four components: decoder, pre-processor, decision system and the defense mechanism. The most important of them is the decision system, because it is where the attack detection process takes place. Two different approaches to that can be used: the Misuse approach gives rise to Misuse Detection Systems (MDS), where previously known characteristics of attacks are used to carry out the detection; and the Anomaly approach, which gives rise to the Anomaly Detection Systems (ADS), where the deviation from the data pattern determined by the normal use of the network, is employed for detection. One advantage of ADS over MDS is that there is no need of specific knowledge of the attacks to be detected, allowing the detection of unknown attacks.

Several machine learning techniques have been used to solve this problem, but these algorithms do not perform well when the available training data is unbalanced, that is, when there is a considerable predominance of certain classes over others. In this sense, Auto Encoders (AE) have been used, as they allow training using only the majority data class in the set, avoiding unbalance. This training characteristic of AE allows its use as a classifier from the extracted reconstruction error (RE), being RE considered small for the training class and larger for any other. The classification of this RE is performed through its comparison with a threshold, usually calculated using hypothesis tests, resulting in different criteria for its calculation. As such, obtaining a threshold to achieve detection using AEs is an open question. In this work, it is proposed that this decision be taken by another machine learning algorithm, being this threshold replaced by these algorithms. Furthermore, a pipeline for training the complete system is proposed, being also tested on a dataset based on an IoT application.

MEMBROS DA BANCA:
Presidente - Interno ao Programa - 1761105 - MURILO BELLEZONI LOIOLA
Membro Titular - Examinador(a) Interno ao Programa - 1761107 - RICARDO SUYAMA
Membro Titular - Examinador(a) Interno ao Programa - 2356637 - KENJI NOSE FILHO
Membro Suplente - Examinador(a) Interno ao Programa - 2334927 - ANDRE KAZUO TAKAHATA

Notícia cadastrada em: 09/08/2022 15:52