Deep Learning Approaches for Network Intrusion Detection

dc.contributor.advisorXu, Shouhuai
dc.contributor.authorFernandez, Gabriel C.
dc.contributor.committeeMemberWhite, Greg
dc.contributor.committeeMemberWu, Wenbo
dc.creator.orcidhttps://orcid.org/0000-0002-6552-7693
dc.date.accessioned2024-02-09T21:12:09Z
dc.date.available2024-02-09T21:12:09Z
dc.date.issued2019
dc.descriptionThis item is available only to currently enrolled UTSA students, faculty or staff. To download, navigate to Log In in the top right-hand corner of this screen, then select Log in with my UTSA ID.
dc.description.abstractAs the scale of cyber attacks and volume of network data increases exponentially, organizations must develop new ways of keeping their networks and data secure from the dynamic nature of evolving threat actors. With more security tools and sensors being deployed within the modern-day enterprise network, the amount of security event and alert data being generated continues to increase, making it more difficult to find the needle in the haystack. Organizations must rely on new techniques to assist and augment human analysts when dealing with the monitoring, prevention, detection, and response to cybersecurity events and potential attacks on their networks. The focus for this Thesis is on classifying network traffic flows as benign or malicious. The contribution of this work is two-fold. First, a feedforward fully connected Deep Neural Network (DNN) is used to train a Network Intrusion Detection System (NIDS) via supervised learning. Second, an autoencoder is used to detect and classify attack traffic via unsupervised learning in the absence of labeled malicious traffic. Deep neural network models are trained using two more recent intrusion detection datasets that overcome limitations of other intrusion detection datasets which have been commonly used in the past. Using these more recent datasets, deep neural networks are shown to be highly effective in performing supervised learning to detect and classify modern-day cyber attacks with a high degree of accuracy, high detection rate, and low false positive rate. In addition, an autoencoder is shown to be effective for anomaly detection.
dc.description.departmentComputer Science
dc.format.extent115 pages
dc.format.mimetypeapplication/pdf
dc.identifier.urihttps://hdl.handle.net/20.500.12588/3587
dc.languageen
dc.subjectanomaly detection
dc.subjectcybersecurity
dc.subjectdeep learning
dc.subjectdeep neural network
dc.subjectmachine learning
dc.subjectnetwork intrusion detection
dc.subject.classificationComputer science
dc.titleDeep Learning Approaches for Network Intrusion Detection
dc.typeThesis
dc.type.dcmiText
dcterms.accessRightspq_closed
thesis.degree.departmentComputer Science
thesis.degree.grantorUniversity of Texas at San Antonio
thesis.degree.levelMasters
thesis.degree.nameMaster of Science

Files

Original bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
Fernandez_utsa_1283M_12832.pdf
Size:
5.59 MB
Format:
Adobe Portable Document Format