« UC5 : Machine Learning vs DDoS » : différence entre les versions

&gt:translate>

Overview[modifier | modifier le wikicode]

The use case focuses on vast varieties of intrusions and attack activities of the network traffic. We propose three Dataset ready for exploration and modeling.

[CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network)

[UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset)

[USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html)

For each cyber security dataset we propose data analysis, data standardization an modeling notebooks. In some notebooks standardization step is include in the modeling notebook.

• • Authors**: Christian Maréchal

• • Keywords**: Supervised Machine Learning, Half-Supervised Machine Learning,

Clustering, Data Standardization

Plan of Study[modifier | modifier le wikicode]

- Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook

To make things easier each notebook can be run independently.

Dataset Cse cic ids

Data[modifier | modifier le wikicode]

| cleaned_ids2018S_test.cs | |----------------------------| | cleaned_ids2018S_train.csv |

Notebooks[modifier | modifier le wikicode]

| Notebook | Data Science step | |----------------------------------|---------------------------------------------------------| | Cyber_cse-cic-ids_analysis.ipynb | *Data exploration* | | Cyber_cse-cic-ids_model.ipynb  | *Standardization and Half-Supervised Autoencoder model* |

Dataset Unsw

Data[modifier | modifier le wikicode]

| NUSW-NB15_features.utf8.csv | |-----------------------------| | UNSW_NB15S_test.csv | | UNSW_NB15S_train.csv | | UNSW-NB15_1.csv | | UNSW-NB15_2.csv | | UNSW-NB15_3.csv | | UNSW-NB15_4.csv |

Notebooks[modifier | modifier le wikicode]

| Notebook | Data Science step | |-------------------------------------|-----------------------------------------------------------------------------| | Cyber_unsw_analysis.ipynb | *Data exploration* | | Cyber_unsw_analysisGmm.ipynb | *data exploration for GMM clustering* | | Cyber_unsw_standardization.ipynb | *data standardization* | | Cyber_unsw_autoencoder.ipynb  | *Binary classifier study. Half-Supervised Autoencoder modeling, we tested:* | | | \-logistic regression | | | \-Autoencoder Inria like | | | \-Autoencoder single layer | | | \-Autoencoder multi layers | | Cyber_unsw_complete_analysis.ipynb  | *data exploration* | | Cyber_unsw_model.ipynb  | *Data Supervised model, to classify attacks of different kinds, we tested:* | | | \-Random Forest Classifier (rfc) | | | \-Support Vector Classification (svm) | | | \-Multi-Layer Perceptron (mlp) | | | \-Artificial Neural Network (ann) | | | \-eXtreme Gradient Boosting (xgb) | | | \-Convolutional Neural Network (cnn) |

Dataset USB IDS 

Data[modifier | modifier le wikicode]

| USB-IDS-1S-TEST.csv | |---------------------------| | USB-IDS-1S-TRAIN.csv | | USB-IDS-1S-VALIDATION.csv |

Notebooks[modifier | modifier le wikicode]

| Notebook | Data Science step | |------------------------------|--------------------| | Cyber_USB-IDS_analysis.ipynb | *Data exploration* | | | |

&gt:/translate>