A Generative Adversarial Approach for Packet Manipulation Detection
Master thesis
Permanent lenke
http://hdl.handle.net/11250/2563322Utgivelsesdato
2018Metadata
Vis full innførselSamlinger
Sammendrag
Over the years, machine learning has been used together with intrusion detection
systems to protect networks against different threats. The evolution of machine
learning has exploded and there are new types of of machine learning algorithms
being studied on different fields. Networks security is not one these fields that
have the most research, and with the continuous change in the way attacks are
appearing, machine learning in network security is more alluring than ever. The
intention of this thesis is to present a solution that shows that using machine learning
in intrusion detection domain is a way to enhance network security.
Several different generative techniques have emerged from the latest years of deep
learning research. One particular that stands out is The Generative Adversarial
Network (GAN), that is largely used in the field of image generation. These techniques
is based on the idea of two networks competing against each other and
trying to be superior than the other. This thesis follows a quantitative methodology
and a combination of experimentation and engineering research.
The study focuses on how well the developed solution performs on detecting
networks attacks and how well it can learn to recreate networks packets. This
approach implements a modified version of the generative adversarial network,
by implementing an optimisation training step to the regular algorithm. The results
shows that with this new type of generative adversarial network the accuracy
increases from 2 % to 100 % when detecting DARPA99 labelled attacks. The
results also shows that the solution experiences mode collapse when creating new
network packets, but the model is able to create real network packets that are approved
by Wiresharks syntax check and also for the human eye looks like normal
network packets.
Beskrivelse
Master's thesis Information- and communication technology IKT590 - University of Agder 2018