Enhanced Network Anomaly Detection Model
ANOMALY DETECTION MODEL BASED ON SUPERVISED LEARNING TECHNIQUES WITH SYMBOLIC FEATURES SELECTION
Muhammad Shahid Azeem
MS160400843
Intrusion Detection System (IDS)
• A primary defence mechanism to secure
data and resources from illegal disclosure
and unauthorized use.
– Misuse Based
– Day zero attack
– Anomaly Based
– Classification problem
Supervised Learning Techniques
Maps an input to an output based on example input-output pairs.
Infers a function from labeled training data consisting of a set of training examples.
Each example is a pair of an input object and a desired output.
The learning algorithm analyzes the training data and produces an inferred function, which can be used for mapping new examples.
The learning algorithm generalizes from the training data to unseen situations in a "reasonable" way.
Nearest Neighbour
Random Forest
Multilevel perceptron
Decision tree
Features Selection
A procedure to choose an appropriate set of attack features against various attack classes to detect anomalous behaviour in the data flow
1. Quantitative
– Measurable
2. Qualitative
– Symbolic
Encoding
Process of quantifying symbolic features
• Binary Encoder
• Hashing Encoder
• Helmert Encoder
• OneHotEncoder
• OrdinalEncoder
• SumEncoder
• PolynomialEncoder
• BaseNEncoder
• LeaveOneOutEncoder
• TargetEncoder.
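
The example below is added here and is not part of the original presentation. It re-implements three of the listed encoders (ordinal, one-hot, binary) in plain Python rather than calling a library, and feeds the encoded vectors to a 1-nearest-neighbour classifier to show how the choice of encoding changes both the feature width and the predicted class. The flow records, field layout and labels are constructed for illustration, and no feature scaling is applied.

```python
from math import ceil, dist, log2

# Constructed sample flows: (duration_s, protocol, service) and a label.
TRAIN = [
    ((0.2, "tcp", "http"), "normal"),
    ((0.3, "tcp", "smtp"), "normal"),
    ((0.1, "udp", "dns"), "normal"),
    ((1.5, "tcp", "ftp"), "attack"),
    ((0.1, "icmp", "echo"), "attack"),
    ((2.0, "tcp", "telnet"), "attack"),
]
SYMBOLIC = (1, 2)  # column positions of the qualitative features

def fit(rows):
    """Learn {category: index} per symbolic column from training rows only."""
    return {c: {v: i for i, v in enumerate(sorted({r[c] for r in rows}))}
            for c in SYMBOLIC}

def ordinal(index, value):
    return [float(index.get(value, -1))]  # -1 marks a category unseen in training

def one_hot(index, value):
    # One column per known category; an unseen category becomes all zeros.
    return [float(i == index.get(value)) for i in range(len(index))]

def binary(index, value):
    width = ceil(log2(len(index) + 1))  # code 0 is reserved for unseen values
    code = index.get(value, -1) + 1
    return [float((code >> b) & 1) for b in reversed(range(width))]

def encode(row, indexes, encoder):
    vec = [row[0]]  # the quantitative feature passes through unchanged
    for c in SYMBOLIC:
        vec += encoder(indexes[c], row[c])
    return vec

def classify(row, encoder, train=TRAIN):
    """1-nearest-neighbour on the encoded vectors (Euclidean distance)."""
    indexes = fit([r for r, _ in train])
    query = encode(row, indexes, encoder)
    return min(train, key=lambda t: dist(query, encode(t[0], indexes, encoder)))[1]

if __name__ == "__main__":
    flow = (1.5, "tcp", "http")  # constructed query flow
    for enc in (ordinal, one_hot, binary):
        width = len(encode(flow, fit([r for r, _ in TRAIN]), enc))
        print(f"{enc.__name__:8} width={width:2} -> {classify(flow, enc)}")
```

The same flow is labelled differently depending on the encoder: ordinal and binary codes place unrelated services numerically close to each other, while one-hot keeps every pair of distinct categories equally far apart at the cost of a wider vector.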
Research Questions
• Can dimensionality reduction techniques be useful for anomalous behaviour detection in network traffic?
• Which evaluation parameters can be used to effectively evaluate the performance of an anomaly detection model?
• Do encoding and inclusion of qualitative/symbolic features increase the performance of an anomaly detection model?
ALLAH HAFIZ