NORMA eResearch @NCI Library

Using feature selection to improve intrusion detection

Cogan, Jordan (2021) Using feature selection to improve intrusion detection. Masters thesis, Dublin, National College of Ireland.


Abstract

Recent high-profile cyber-attacks have further shown the importance of cyber security in society, with many smaller organizations now starting to employ external security assistance. The basis of any successful cyber security team is the Security Operations Centre (SOC). The SOC team are responsible for monitoring and mitigating potential threats. The key to a successful SOC team is their Security Information and Event Management system (SIEM), which can be used to monitor Intrusion Detection traffic. The more reliable a SIEM is at detecting intrusion traffic, the more successful the SOC team can be. Although many researchers have proposed a variety of ways to improve intrusion detection, this paper proposes a model which makes use of multi-layer feature selection. The Random Forest and K-nearest neighbours classifiers were applied after the multi-layer feature selection and evaluated. The Random Forest outperformed K-nearest neighbours overall and achieved 98% for its accuracy, while also achieving 99% for precision, recall and F1-score. Therefore, the multi-layer feature selection model can be considered an appropriate solution for improving intrusion detection.

Item Type: Thesis (Masters)
Uncontrolled Keywords: Intrusion detection; Machine Learning; Feature Selection; Random Forest; KNN; Chi-2; KDD99
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science

Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security

H Social Sciences > HV Social pathology. Social and public welfare > Criminology > Crimes and Offences > Cyber Crime
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Clara Chan
Date Deposited: 14 Oct 2021 14:11
Last Modified: 18 Oct 2021 14:07
URI: http://norma.ncirl.ie/id/eprint/5095
