« UC5 : Machine Learning vs DDoS » : différence entre les versions

Version du 12 novembre 2024 à 15:06

Développement du Use Case pédagogique "Machine Learning vs Attaque DDoS" dans le cadre du GT IA et Cyber

Catégorie : Commun Statut : Production 1 : Idée - 2 : Prototype - 3 : Validation - 4 : Production

Overview[modifier | modifier le wikicode]

The use case focuses on vast varieties of intrusions and attack activities of the network traffic. We propose three Dataset ready for exploration and modeling.

[CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network)

[UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset)

[USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html)

For each cyber security dataset we propose data analysis, data standardization an modeling notebooks. In some notebooks standardization step is include in the modeling notebook

Authors: Christian Maréchal
Keywords: Supervised Machine Learning, Half-Supervised Machine Learning, Clustering, Data Standardization

Plan of Study[modifier | modifier le wikicode]

Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook

To make things easier each notebook can be run independently.

Dataset Cse cic ids[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]


cleaned_ids2018S_test.cs
cleaned_ids2018S_train.csv

Notebooks[modifier | modifier le wikicode]


Notebook	Data Science step
Cyber_cse-cic-ids_analysis.ipynb	Data exploration
Cyber_cse-cic-ids_model.ipynb	Standardization and Half-Supervised Autoencoder model

Dataset Unsw[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]



NUSW-NB15_features.utf8.csv
UNSW_NB15S_test.csv
UNSW_NB15S_train.csv
UNSW-NB15_1.csv
UNSW-NB15_2.csv
UNSW-NB15_3.csv
UNSW-NB15_4.csv

Notebooks[modifier | modifier le wikicode]


Notebook	Data Science step
Cyber_unsw_analysis.ipynb	Data exploration
Cyber_unsw_analysisGmm.ipynb	data exploration for GMM clustering
Cyber_unsw_standardization.ipynb	data standardization
Cyber_unsw_autoencoder.ipynb	Binary classifier study. Half-Supervised Autoencoder modeling, we tested:
	-logistic regression
	-Autoencoder Inria like
	-Autoencoder single layer
	-Autoencoder multi layers
Cyber_unsw_complete_analysis.ipynb	data exploration
Cyber_unsw_model.ipynb	Data Supervised model, to classify attacks of different kinds, we tested:
	-Random Forest Classifier (rfc)
	-Support Vector Classification (svm)
	-Multi-Layer Perceptron (mlp)
	-Artificial Neural Network (ann)
	-eXtreme Gradient Boosting (xgb)
	-Convolutional Neural Network (cnn)

Dataset USB IDS[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]



USB-IDS-1S-TEST.csv
USB-IDS-1S-TRAIN.csv
USB-IDS-1S-VALIDATION.csv

Notebooks[modifier | modifier le wikicode]


Notebook	Data Science step
Cyber_USB-IDS_analysis.ipynb	Data exploration

| Notebook | Data Science step | |----------------------------------|---------------------------------------------------------| | Cyber_cse-cic-ids_analysis.ipynb | *Data exploration* | | Cyber_cse-cic-ids_model.ipynb | *Standardization and Half-Supervised Autoencoder model* |

| Notebook | Data Science step | |-------------------------------------|-----------------------------------------------------------------------------| | Cyber_unsw_analysis.ipynb | *Data exploration* | | Cyber_unsw_analysisGmm.ipynb | *data exploration for GMM clustering* | | Cyber_unsw_standardization.ipynb | *data standardization* | | Cyber_unsw_autoencoder.ipynb | *Binary classifier study. Half-Supervised Autoencoder modeling, we tested:* | | | \-logistic regression | | | \-Autoencoder Inria like | | | \-Autoencoder single layer | | | \-Autoencoder multi layers | | Cyber_unsw_complete_analysis.ipynb | *data exploration* | | Cyber_unsw_model.ipynb | *Data Supervised model, to classify attacks of different kinds, we tested:* | | | \-Random Forest Classifier (rfc) | | | \-Support Vector Classification (svm) | | | \-Multi-Layer Perceptron (mlp) | | | \-Artificial Neural Network (ann) | | | \-eXtreme Gradient Boosting (xgb) | | | \-Convolutional Neural Network (cnn) |

Dataset USB IDS

Dataset Unsw

Data[modifier | modifier le wikicode]

| USB-IDS-1S-TEST.csv | |---------------------------| | USB-IDS-1S-TRAIN.csv | | USB-IDS-1S-VALIDATION.csv |

Notebooks[modifier | modifier le wikicode]

| Notebook | Data Science step | |------------------------------|--------------------| | Cyber_USB-IDS_analysis.ipynb | *Data exploration* | | | |

&gt:/translate>

Groupe de travail

IA et cybersécurité

@@ Ligne 4 : / Ligne 4 : @@
 |Status=Production
 }}
-&gt:translate>
 == Overview==
-The use case focuses on vast varieties of intrusions and attack activities of
+The use case focuses on vast varieties of intrusions and attack activities of the network traffic. We propose three Dataset ready for exploration and modeling.
-the network traffic. We propose three Dataset ready for exploration and modeling.
-[CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network)
-[UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset)
+* [CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network)
-[USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html)
+* [UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset)
-For each cyber security dataset we propose data analysis, data standardization
+* [USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html)
-an modeling notebooks. In some notebooks standardization step is include in the
-modeling notebook.
-**Authors**: Christian Maréchal
+For each cyber security dataset we propose data analysis, data standardization an modeling notebooks. In some notebooks standardization step is include in the modeling notebook
-**Keywords**: Supervised Machine Learning, Half-Supervised Machine Learning,
+* Authors: Christian Maréchal
-Clustering, Data Standardization
+* Keywords: Supervised Machine Learning, Half-Supervised Machine Learning, Clustering, Data Standardization
 ==Plan of Study==
+* Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook
-Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook
 To make things easier each notebook can be run independently.
-Dataset Cse cic ids
+== Dataset Cse cic ids ==
 ===Data===
+{| class="wikitable"
+|+
+|cleaned_ids2018S_test.cs
+|
+|
+|
+|-
+|cleaned_ids2018S_train.csv
+|
+|
+|
+|}
-| cleaned_ids2018S_test.cs   |
+===Notebooks===
+{| class="wikitable"
+|+
+!Notebook
+!Data Science step
+!
+|-
+|Cyber_cse-cic-ids_analysis.ipynb
+|''Data exploration''
+|
+|-
+|Cyber_cse-cic-ids_model.ipynb
+|''Standardization and Half-Supervised Autoencoder model''
+|
+|}
-| cleaned_ids2018S_train.csv |
+== Dataset Unsw ==
-| NUSW-NB15_features.utf8.csv |
+=== Data ===
-|-----------------------------|
+{| class="wikitable"
-| UNSW_NB15S_test.csv         |
+|+
-| UNSW_NB15S_train.csv        |
+!
-| UNSW-NB15_1.csv             |
+!
-| UNSW-NB15_2.csv             |
+!
-| UNSW-NB15_3.csv             |
+|-
-| UNSW-NB15_4.csv             |
+|NUSW-NB15_features.utf8.csv
+|
+|
+|-
+|UNSW_NB15S_test.csv
+|
+|
+|-
+|UNSW_NB15S_train.csv
+|
+|
+|-
+|UNSW-NB15_1.csv
+|
+|
+|-
+|UNSW-NB15_2.csv
+|
+|
+|-
+|UNSW-NB15_3.csv
+|
+|
+|-
+|UNSW-NB15_4.csv
+|
+|
+|}
-===Notebooks===
+=== Notebooks ===
+{| class="wikitable"
+|+
+!Notebook
+!Data Science step
+!
+|-
+|Cyber_unsw_analysis.ipynb
+|''Data exploration''
+|
+|-
+|Cyber_unsw_analysisGmm.ipynb
+|''data exploration for GMM clustering''
+|
+|-
+|Cyber_unsw_standardization.ipynb
+|''data standardization''
+|
+|-
+|Cyber_unsw_autoencoder.ipynb
+|''Binary classifier study. Half-Supervised Autoencoder modeling, we tested:''
+|
+|-
+|
+| -logistic regression
+|
+|-
+|
+| -Autoencoder Inria like
+|
+|-
+|
+| -Autoencoder single layer
+|
+|-
+|
+| -Autoencoder multi layers
+|
+|-
+|Cyber_unsw_complete_analysis.ipynb
+|''data exploration''
+|
+|-
+|Cyber_unsw_model.ipynb
+|''Data Supervised model, to classify attacks of different kinds, we tested:''
+|
+|-
+|
+| -Random Forest Classifier (rfc)
+|
+|-
+|
+| -Support Vector Classification (svm)
+|
+|-
+|
+| -Multi-Layer Perceptron (mlp)
+|
+|-
+|
+| -Artificial Neural Network (ann)
+|
+|-
+|
+| -eXtreme Gradient Boosting (xgb)
+|
+|-
+|
+| -Convolutional Neural Network (cnn)
+|
+|}
+== Dataset USB IDS ==
+=== Data ===
+{| class="wikitable"
+|+
+!
+!
+!
+|-
+|USB-IDS-1S-TEST.csv
+|
+|
+|-
+|USB-IDS-1S-TRAIN.csv
+|
+|
+|-
+|USB-IDS-1S-VALIDATION.csv
+|
+|
+|}
+=== Notebooks ===
+{| class="wikitable"
+|+
+!Notebook
+!Data Science step
+!
+|-
+|Cyber_USB-IDS_analysis.ipynb
+|''Data exploration''
+|
+|}
 | Notebook                         | Data Science step                                       |
 |----------------------------------|---------------------------------------------------------|

« UC5 : Machine Learning vs DDoS » : différence entre les versions

Version du 12 novembre 2024 à 15:06

Overview[modifier | modifier le wikicode]

Plan of Study[modifier | modifier le wikicode]

Dataset Cse cic ids[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]

Notebooks[modifier | modifier le wikicode]

Dataset Unsw[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]

Notebooks[modifier | modifier le wikicode]

Dataset USB IDS[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]

Notebooks[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]

Notebooks[modifier | modifier le wikicode]

Groupe de travail

« UC5 : Machine Learning vs DDoS » : différence entre les versions