Electronic Thesis and Dissertation Repository

Thesis Format

Integrated Article

Degree

Master of Science

Program

Computer Science

Supervisor

Haque, Anwar

Abstract

Ensuring Quality of Service (QoS) and Quality of Experience (QoE) in networks requires robust mechanisms for cyberattack prediction, detection, and mitigation. The rapid advancements in Machine Learning (ML) and Natural Language Processing (NLP) offer innovative solutions for these challenges but also introduce complexities that must be carefully addressed. This thesis tackles these issues through four empirical studies, presenting novel approaches for cyberattack prediction, detection, and mitigation. Firstly, we propose an EMD-KNN-based traffic forecasting technique. By accurately predicting unexpected spikes in internet traffic, we can proactively identify potential cyberattacks before they occur. Additionally, we introduce an end-to-end framework for detecting and explaining cyberattacks using Explainable AI (XAI) and Large Language Models (LLMs). While large cloud-based LLMs, such as ChatGPT, provide advanced text generation and general intelligence, they pose risks for enterprises due to the potential exposure of sensitive data. As a result, on-premise solutions are often preferred in network security environments. However, open-source LLMs typically underperform compared to their cloud-based counterparts. To address this, we explored domain-specific fine-tuning of LLMs to enhance their performance in cybersecurity tasks. Finally, we integrate these innovations into an autonomous cyberattack monitoring and incident response system, utilizing the Reasoning and Acting (ReAct) framework and the capabilities of LLMs. By incorporating generative AI into the cyberattack detection and mitigation process, this research opens new dimensions in cybersecurity, paving the way for more intelligent, autonomous defense mechanisms in network security.

Summary for Lay Audience

As our world becomes increasingly connected through digital networks, ensuring the security of these systems has never been more important. Cyberattacks, such as hacking and malware, can disrupt services and compromise sensitive information. This research explores how new technologies in Artificial Intelligence (AI), Machine Learning, and Large Language Models (LLMs) can help predict, detect, and mitigate cyberattacks before they cause harm. One of the methods we developed looks at patterns in network traffic, using machine learning techniques to spot early signs of a cyberattack. We also built a system that can automatically identify and explain these attacks using AI tools that process and understand language. This system can even make decisions, such as adjusting a firewall to block suspicious activity. We explored how to fine-tune these AI tools, specifically for cybersecurity, to make them more effective in protecting networks. Overall, this research shows how AI and Natural Language Processing can be used to improve network security, offering new ways to defend against ever-evolving cyber threats.

Included in

Cybersecurity Commons
