Performance Analysis of a Graph-based Anomaly Detector and the Zeek Intrusion Detection System

dc.contributor.author: Roshandel, Somayeh
dc.contributor.supervisor: Li, Kin Fun
dc.date.accessioned: 2022-05-16T21:31:28Z
dc.date.available: 2022-05-16T21:31:28Z
dc.date.copyright: 2022 [en_US]
dc.date.issued: 2022-05-16
dc.degree.department: Department of Electrical and Computer Engineering [en_US]
dc.degree.level: Master of Engineering M.Eng. [en_US]
dc.description.abstract: Due to the increase in the number of cyber security attacks and malicious behaviours, different sectors of society are required to mitigate the risk of being targeted by threat actors. Network Intrusion Detection Systems (NIDS) have become an essential part of most security strategies deployed in organizations as a protection layer for their network infrastructure. In this project, we analyze the performance of a graph-based unsupervised anomaly detection model that was developed at the Information Security and Object Technology (ISOT) Lab. The performance evaluation was conducted using a large public IDS evaluation dataset called CICIDS2017. This allowed confirming the performance results obtained in the original model evaluation that was conducted using a different dataset. Furthermore, by running the Zeek intrusion detection system (IDS) on the CICIDS2017 we were able to compare and contrast the graph-based anomaly detector against Zeek. [en_US]
dc.description.scholarlevel: Graduate [en_US]
dc.identifier.uri: http://hdl.handle.net/1828/13956
dc.language.iso: en [en_US]
dc.rights: Available to the World Wide Web [en_US]
dc.title: Performance Analysis of a Graph-based Anomaly Detector and the Zeek Intrusion Detection System [en_US]
dc.type: project [en_US]

Files

Original bundle
Name: Roshandel_Somayeh_MEng_2022.pdf
Size: 889.64 KB
Format: Adobe Portable Document Format
License bundle
Name: license.txt
Size: 2 KB
Format: Item-specific license agreed upon to submission