Network Intrusion Detection and Prevention using Reinforcement Learning algorithm

已关闭 已发布的 5 年前 货到付款
已关闭 货到付款

Network Intrusion Detection System using Machine Learning (Reinforcement algorithm)

To detect these intrusions our proposed approach would be using Deep Reinforcement Learning and Q Learning which improves the stability and performance of the system.

We want to detect DDoS attack:

DDoS: Distributed Denial of Service attack is a type of DOS attack where multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack. These attacks are one of the most dangerous security threats, in which attackers aim to break down the victim’s computer network or cyber system and interrupt their services. MEC systems are especially vulnerable to distributed DoS attacks, in which some distributed edge devices that are not well protected by security protocols can be easily compromised and then used to attack other edge nodes. Some attackers also aim to prevent the collaborative caching users from accessing the caching data. Jamming can be viewed as a special type of DoS attack.

The simplest approach could be to examine the logs of the web server and to identify whether the query relates to the DoS/DDoS attack or not. Collect the good and bad queries, label them (either bot or not). The tricky part will be to extract features. As features you can use: HTTP request method HTTP status code URL File name ([login to view URL]) Useragent IP address Geolocation of the IP address Train and test machine learning model. The drawback of the proposed approach is that the requests are treated as single objects and not as a part of the attack.

Our proposed method consists of first by using a supervised learning model the Support Vector Machines (SVM), which captures network traffic, filters HTTP headers, normalizes the data on the basis of the operational variables: rate of false positives, rate of false negatives, rate of classification and then sends the information to corresponding SVM’s training and testing sets.

then, we use Deep Q learning to attain the best possible reward.

We are using CICIDS 2017 dataset for intrusion detection which has the latest attributes with new types of attacks. In this section we have analyzed various types of publicly available dataset which we have used for training our neural network.

CICIDS2017: Generating the realistic background traffic is one of the highest priorities of this work. For this dataset, we used our proposed B-Profile system (Sharafaldin et al., 2017), which is responsible for profiling the abstract behavior of human interactions and generate a naturalistic benign background traffic. Our B-Profile for this dataset extracts the abstract behavior of 25 users based on the HTTP, HTTPS, FTP, SSH, and email protocols.

It also includes the results of the network traffic analysis using CICFlowMeter with labeled flows based on the time stamp, source and destination IPs, source and destination ports, protocols and attack (CSV files).

计算机安全 机器学习(ML) 矩阵及数学软件 Python 网络安全

项目ID: #17158380

关于项目

14个方案 远程项目 活跃的5 年前

有14名威客正在参与此工作的竞标,均价kr4093/小时

schoudhary1553

Hello, I can help with you in your project Network Intrusion Detection and Prevention using Reinforcement Learning algorithm. I have more than 5 years of experience in Computer Security, Machine Learning, Matlab and 更多

kr4800 SEK 在10天内
(49条评论)
6.1
seelamkomalkumar

I am data science security professional. I am sure i can help u here. Ping me when u r available, we can discuss further.

kr3555 SEK 在10天内
(1条评论)
0.5
techbla

We will use open AI, gym and deep q learning to develop the project. the entire project will have a training data set and a deep learning set to give accurate results. We will also use two different approaches to dat 更多

kr4222 SEK 在10天内
(0条评论)
0.0