Thesis Format
Integrated Article
Degree
Master of Science
Program
Computer Science
Supervisor
Haque, Anwar
Abstract
Ensuring Quality of Service (QoS) and Quality of Experience (QoE) in networks requires robust mechanisms for cyberattack prediction, detection, and mitigation. The rapid advancements in Machine Learning (ML) and Natural Language Processing (NLP) offer innovative solutions for these challenges but also introduce complexities that must be carefully addressed. This thesis tackles these issues through four empirical studies, presenting novel approaches for cyberattack prediction, detection, and mitigation. Firstly, we propose an EMD-KNN-based traffic forecasting technique. By accurately predicting unexpected spikes in internet traffic, we can proactively identify potential cyberattacks before they occur. Additionally, we introduce an end-to-end framework for detecting and explaining cyberattacks using Explainable AI (XAI) and Large Language Models (LLMs). While large cloud-based LLMs, such as ChatGPT, provide advanced text generation and general intelligence, they pose risks for enterprises due to the potential exposure of sensitive data. As a result, on-premise solutions are often preferred in network security environments. However, open-source LLMs typically underperform compared to their cloud-based counterparts. To address this, we explored domain-specific fine-tuning of LLMs to enhance their performance in cybersecurity tasks. Finally, we integrate these innovations into an autonomous cyberattack monitoring and incident response system, utilizing the Reasoning and Acting (ReAct) framework and the capabilities of LLMs. By incorporating generative AI into the cyberattack detection and mitigation process, this research opens new dimensions in cybersecurity, paving the way for more intelligent, autonomous defense mechanisms in network security.
Summary for Lay Audience
As our world becomes increasingly connected through digital networks, ensuring the security of these systems has never been more important. Cyberattacks, such as hacking and malware, can disrupt services and compromise sensitive information. This research explores how new technologies in Artificial Intelligence (AI), Machine Learning, and Large Language Models (LLMs) can help predict, detect, and mitigate cyberattacks before they cause harm. One of the methods we developed looks at patterns in network traffic, using machine learning techniques to spot early signs of a cyberattack. We also built a system that can automatically identify and explain these attacks using AI tools that process and understand language. This system can even make decisions, such as adjusting a firewall to block suspicious activity. We explored how to fine-tune these AI tools, specifically for cybersecurity, to make them more effective in protecting networks. Overall, this research shows how AI and Natural Language Processing can be used to improve network security, offering new ways to defend against ever-evolving cyber threats.
Recommended Citation
Baral, Sudipto, "Generative AI Driven Novel Approaches for Cyber Attack Prediction, Detection, and Mitigation" (2024). Electronic Thesis and Dissertation Repository. 10560.
https://ir.lib.uwo.ca/etd/10560