Performance Analysis of a Graph-based Anomaly Detector and the Zeek Intrusion Detection System
| dc.contributor.author | Roshandel, Somayeh | |
| dc.contributor.supervisor | Li, Kin Fun | |
| dc.date.accessioned | 2022-05-16T21:31:28Z | |
| dc.date.available | 2022-05-16T21:31:28Z | |
| dc.date.copyright | 2022 | en_US |
| dc.date.issued | 2022-05-16 | |
| dc.degree.department | Department of Electrical and Computer Engineering | en_US |
| dc.degree.level | Master of Engineering M.Eng. | en_US |
| dc.description.abstract | Due to the increase in the number of cyber security attacks and malicious behaviours, different sectors of society are required to mitigate the risk of being targeted by threat actors. Network Intrusion Detection Systems (NIDS) have become an essential part of most security strategies deployed in organizations as a protection layer for their network infrastructure. In this project, we analyze the performance of a graph-based unsupervised anomaly detection model that was developed at the Information Security and Object Technology (ISOT) Lab. The performance evaluation was conducted using a large public IDS evaluation dataset called CICIDS2017. This allowed confirming the performance results obtained in the original model evaluation that was conducted using a different dataset. Furthermore, by running the Zeek intrusion detection system (IDS) on the CICIDS2017 we were able to compare and contrast the graph-based anomaly detector against Zeek. | en_US |
| dc.description.scholarlevel | Graduate | en_US |
| dc.identifier.uri | http://hdl.handle.net/1828/13956 | |
| dc.language.iso | en | en_US |
| dc.rights | Available to the World Wide Web | en_US |
| dc.title | Performance Analysis of a Graph-based Anomaly Detector and the Zeek Intrusion Detection System | en_US |
| dc.type | project | en_US |