Skip to content
This repository has been archived by the owner on Sep 27, 2022. It is now read-only.
/ bachelor-thesis Public archive

Bachelor's Degree in Information and Communications Engineering - Final Dissertation - A.Y. 2020/21 ๐ŸŽ“

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

GiovanniBaccichet/bachelor-thesis

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

76 Commits
assets
assets
ย 
ย 
imgs
imgs
ย 
ย 
.gitignore
.gitignore
ย 
ย 
LICENSE
LICENSE
ย 
ย 
README.md
README.md
ย 
ย 
thesis.tex
thesis.tex
ย 
ย 

Repository files navigation


Logo

Bachelor Thesis

Information and Communications Engineering @ University of Trento
Download PDF ยป

Giovanni Baccichet | Prof. Fabrizio Granelli

Abstract

Cyber security has become a matter of global interest and importance. In the last couple of years, especially with the pandemic situation going on, several attacks were performed against companies and critical structures. Since almost every intrusion is put in place through the network, understanding how to identify and report malicious activity in a lightweight, reliable way is vital. This dissertation aims to use Machine Learning (ML) techniques to detect and identify network attacks. For this purpose an Intrusion Detection System (IDS) has been implemented and designed to be able to classify particular behaviors of network traffic with a low false-positive rate, taking also into cosideration userโ€™s privacy, which lately has become a concern. The approach used in this project differs from the traditional one because of the metrics employed in the classification process: instead of inspecting the payload of each network packet, the IDS observes its flow. In this context a flow is a tuple of 5 values (source IP, destination IP, source port, destination port, protocol) from which a set of useful features can be extracted and passed to the ML model for analysis. The developed piece of software was thought to be deployed with ease in a realistic scenario. For this reason it can be interfaced with Software Defined Network (SDN) for saving and then classifying network traffic. To achieve this integration, a script for the open-source controller Ryu has been developed: it creates a L3 switch that can generate a .pcap file containing the network packets passing through it. This architecture is particularly flexible due to its modularity: the system itself can work independent of the controller chosen, which represents the only component to adapt to. Almost the entirety of the system has been built using Python, since it represents a good starting point for prototyping. Random Forest (RF), the ML algorithm of choice, was trained using a Jupyter Notebook, on the CICIDS2017 dataset resulting in an accuracy of 99.91% and an F1 score of 99.86%.

About

Bachelor's Degree in Information and Communications Engineering - Final Dissertation - A.Y. 2020/21 ๐ŸŽ“

Topics

machine-learning university dissertation bachelor-thesis intrusion-detection-system software-defined-networking trento

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

Machine Learning for Network Intrusion Detection Latest
Jul 16, 2021

Languages