Master of Science
Network traffic is growing at an outpaced speed globally. According to the 2020 Cisco Annual Report, nearly two-thirds of the global population will have internet connectivity by the year 2023. The number of devices connected to IP networks will also triple the total world population's size by the same year. The vastness of forecasted network infrastructure opens opportunities for new technologies and businesses to take shape, but it also increases the surface of security vulnerabilities. The number of cyberattacks are growing worldwide and are becoming more diverse and sophisticated. Classic network intrusion detection architectures monitor a system to detect malicious activities and policy violations in its information stream using various signature libraries. Still, due to a heavy inflow of network traffic in modern network infrastructures, it becomes easier for cybercriminals to infiltrate systems undetected to steal or destroy information assets successfully. Classic network intrusion detection architectures' speed and efficiency also fail to meet expectations in a real-time processing scenario. Considering the above limitations, this thesis aims to present novel methodologies to design and architect network intrusion detection systems using applied deep learning techniques. Neural networks can derive patterns and signatures from a raw dataset and use the learned signatures to predict the nature and classify the forthcoming data at an outpaced speed. The robustness of neural network architecture can be augmented to build a real-time and efficient network security framework. In this paper, we will study various machine learning and deep learning concepts as well as techniques. Combining the strengths of the presented models for their latent feature extraction, memory retention, and classification abilities, we will develop a hybrid network intrusion detection system using the CNN-LSTM architecture. Further, we will compare our results with the recent research in this field of study.
Summary for Lay Audience
With the rise in network connectivity worldwide, we use network systems in all spheres of our society. The confidential data libraries of many businesses and government organizations are now stored on the network systems. Such data is prone to be stolen or destroyed by cybercriminals. The cyberattack activity has witnessed a rise with the mass adoption of communication networks globally. In such scenarios, the classic intrusion detection systems are not practical due to increased data traffic and speed as intrusion attempts may bypass the systems undetected. The fields of neural networks and deep learning have matured rapidly over the past decade. Neural networks are very efficient in recognizing and extracting patterns from a large dataset. Once we train a model to decipher various patterns and features, they become nominally fast in identifying and classifying the new data they encounter. Such recognition systems' efficiency and speed can also be increased using various novel methods and techniques during the developmental phase. This thesis uses machine learning and deep learning techniques to build a novel and efficient network intrusion detection system, which can classify a malicious network activity from regular network activity. The proposed approach is much accurate and faster and can easily be integrated into modern network infrastructures to classify cyberattacks in real-time compared to classic intrusion detection systems.
Dhillon, Harsh, "Building Effective Network Security Frameworks using Deep Transfer Learning Techniques" (2021). Electronic Thesis and Dissertation Repository. 7658.