dc.contributor.author: Miguez, Manuel
dc.date.accessioned: 2021-03-04T01:52:40Z
dc.date.available: 2021-03-04T01:52:40Z
dc.date.issued: 2020
dc.identifier.uri: https://hdl.handle.net/10652/5071
dc.description.abstract: RESEARCH MOTIVATION: The objective of this research is to investigate how to increase the detection rate and increase the tracking rate of APT and TA in their early attack phases within an environment of distributed networks. ABSTRACT: Today's world has networks without clear frontiers, where employees can and do work outside the company protection systems. Furthermore, they use two or more devices providing many possible entry points for attackers. Large scale attacks are often unknowingly initiated by these users. Large scale Targeted Attacks (TA) are slow, fragmented, distributed, seemingly unrelated, and very sophisticated attacks targeting high-value organisations, and these attacks are often executed over long periods. When nations or states back these attacks, they are known as Advanced Persistent Threat (APT). This research focuses on developing a methodology capable of detecting an APT in its early stages combining an Artificial Immune System (AIS) methodology known as Dendritic Cell Algorithm (DCA) with Genetic Algorithm (GA) and Support Vector Machine (SVM) classifiers. This Hybrid Model uses GA for feature extraction and SVM for DCA Signal Selection during the pre-processing stage, and DCA is the classifier for the Traffic Processing and Decision Modules during the processing phase. The Signal Selection process applies a cumulative distribution function of the Pareto distribution model to the results obtained with SVM to produce the DCA Safe and Danger signals. The Traffic Processing stage presents two linear equations and their weights for implementation on different types of datasets. Finally, the Decision Module calculates the Anomaly Threshold required for the dataset classification by obtaining the intersection of the distribution of the training normal and abnormal scores. [en_NZ]
dc.language.iso: en [en_NZ]
dc.rights: Attribution-NonCommercial-NoDerivs 3.0 New Zealand [*]
dc.rights.uri: http://creativecommons.org/licenses/by-nc-nd/3.0/nz/ [*]
dc.subject: advanced persistent threat (APT) [en_NZ]
dc.subject: intrusion prevention system (IPS) [en_NZ]
dc.subject: intrusion detection system (IDS) [en_NZ]
dc.subject: artificial intelligence (AI) [en_NZ]
dc.subject: AI [en_NZ]
dc.subject: cybersecurity [en_NZ]
dc.title: A hybrid intelligent intrusion detection system for advanced persistent threats [en_NZ]
dc.type: Masters Thesis [en_NZ]
thesis.degree.name: Master of Computing [en_NZ]
thesis.degree.level: Masters [en_NZ]
thesis.degree.grantor: Unitec Institute of Technology [en_NZ]
dc.subject.marsden: 080303 Computer System Security [en_NZ]
dc.identifier.bibliographicCitation: Miguez, M. (2020). A hybrid intelligent intrusion detection system for advanced persistent threats. (Unpublished document submitted in partial fulfilment of the requirements for the degree of Master of Computing). Unitec Institute of Technology, Auckland, New Zealand. Retrieved from https://hdl.handle.net/10652/5071 [en]
unitec.pages: 220 [en_NZ]
unitec.institution: Unitec Institute of Technology [en_NZ]
dc.contributor.affiliation: Unitec Institute of Technology [en_NZ]
unitec.publication.place: Auckland, New Zealand [en_NZ]
unitec.advisor.principal: Sarrafpour, Bahman
unitec.institution.studyarea: Computing


Except where otherwise noted, this item's license is described as Attribution-NonCommercial-NoDerivs 3.0 New Zealand

© Unitec Institute of Technology, Private Bag 92025, Victoria Street West, Auckland 1142