Publication
Brute Force Attacks: Evaluating Machine Learning Solutions for Network Intrusion Detection
| Abstract: | Facing the escalating frequency and sophistication of cyber threats in the modern digital era, intrusion detection systems are essential in protecting networks and computer systems. These systems monitor the network and detect potential security breaches. Traditional intrusion detection systems employ computationally expensive deep packet inspection and resource-intensive stateful protocol analysis to identify network threats. To overcome these challenges, researchers are progressively exploring network flow-based intrusion detection as an effective alternative. This study evaluates machine learning solutions for network flow-based intrusion detection, focusing mainly on brute force attacks. Both supervised and unsupervised learning methods are employed, and the results are comprehensively analysed and discussed. LightGBM and Decision Tree, with an F1-score of 99.99% and 99.98%, respectively, proved to be the best-performing models among the supervised methods. In contrast, with an F1-score of 96.10%, the autoencoder outperformed the unsupervised methods. The findings of this study validate the effectiveness of machine learning algorithms for network intrusion detection systems. |
|---|---|
| Main authors: | Neto, Beatriz Amaro dos Santos |
| Subject: | Cybersecurity; Intrusion Detection System; Machine Learning; Classification; Brute Force; SDG 16 - Peace, justice and strong institutions |
| Year: | 2024 |
| Country: | Portugal |
| Document type: | master's dissertation |
| Access type: | open access |
| Associated institution: | Universidade Nova de Lisboa |
| Language: | English |
| Source: | Repositório Institucional da UNL |