« UC5 : Machine Learning vs DDoS » : différence entre les versions

De Wiki Campus Cyber
Aller à :navigation, rechercher
Aucun résumé des modifications
Aucun résumé des modifications
Ligne 4 : Ligne 4 :
|Status=Production
|Status=Production
}}
}}
&gt:translate>
 
== Overview==
== Overview==
The use case focuses on vast varieties of intrusions and attack activities of
The use case focuses on vast varieties of intrusions and attack activities of the network traffic. We propose three Dataset ready for exploration and modeling.
the network traffic. We propose three Dataset ready for exploration and modeling.
 
[CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network)


[UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset)
* [CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network)


[USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html)
* [UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset)


For each cyber security dataset we propose data analysis, data standardization
* [USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html)
an modeling notebooks. In some notebooks standardization step is include in the
modeling notebook.


**Authors**: Christian Maréchal
For each cyber security dataset we propose data analysis, data standardization an modeling notebooks. In some notebooks standardization step is include in the modeling notebook


**Keywords**: Supervised Machine Learning, Half-Supervised Machine Learning,
* Authors: Christian Maréchal
Clustering, Data Standardization
* Keywords: Supervised Machine Learning, Half-Supervised Machine Learning, Clustering, Data Standardization


==Plan of Study==
==Plan of Study==


 
* Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook
Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook


To make things easier each notebook can be run independently.
To make things easier each notebook can be run independently.


Dataset Cse cic ids
== Dataset Cse cic ids ==


===Data===
===Data===
{| class="wikitable"
|+
|cleaned_ids2018S_test.cs     
|
|
|
|-
|cleaned_ids2018S_train.csv
|
|
|
|}


| cleaned_ids2018S_test.cs  |
===Notebooks===
{| class="wikitable"
|+
!Notebook
!Data Science step
!
|-
|Cyber_cse-cic-ids_analysis.ipynb
|''Data exploration''
|
|-
|Cyber_cse-cic-ids_model.ipynb  
|''Standardization and Half-Supervised Autoencoder model''
|
|}


| cleaned_ids2018S_train.csv |
== Dataset Unsw ==


| NUSW-NB15_features.utf8.csv |
=== Data ===
|-----------------------------|
{| class="wikitable"
| UNSW_NB15S_test.csv        |
|+
| UNSW_NB15S_train.csv       |
!
| UNSW-NB15_1.csv             |
!
| UNSW-NB15_2.csv             |
!
| UNSW-NB15_3.csv             |
|-
| UNSW-NB15_4.csv             |
|NUSW-NB15_features.utf8.csv     
|
|
|-
|UNSW_NB15S_test.csv   
|
|
|-
|UNSW_NB15S_train.csv
|
|
|-
|UNSW-NB15_1.csv
|
|
|-
|UNSW-NB15_2.csv
|
|
|-
|UNSW-NB15_3.csv
|
|
|-
|UNSW-NB15_4.csv
|
|
|}


===Notebooks===
=== Notebooks ===
{| class="wikitable"
|+
!Notebook
!Data Science step     
!
|-
|Cyber_unsw_analysis.ipynb
|''Data exploration''
|
|-
|Cyber_unsw_analysisGmm.ipynb
|''data exploration for GMM clustering''
|
|-
|Cyber_unsw_standardization.ipynb
|''data standardization''
|
|-
|Cyber_unsw_autoencoder.ipynb  
|''Binary classifier study. Half-Supervised Autoencoder modeling, we tested:''
|
|-
|
| -logistic regression   
|
|-
|
| -Autoencoder Inria like   
|
|-
|
| -Autoencoder single layer   
|
|-
|
| -Autoencoder multi layers   
|
|-
|Cyber_unsw_complete_analysis.ipynb  
|''data exploration''
|
|-
|Cyber_unsw_model.ipynb  
|''Data Supervised model, to classify attacks of different kinds, we tested:''
|
|-
|
| -Random Forest Classifier (rfc)
|
|-
|
| -Support Vector Classification (svm)
|
|-
|
| -Multi-Layer Perceptron (mlp)
|
|-
|
| -Artificial Neural Network (ann)
|
|-
|
| -eXtreme Gradient Boosting (xgb)
|
|-
|
| -Convolutional Neural Network (cnn)
|
|}
 
== Dataset USB IDS ==
 
=== Data ===
{| class="wikitable"
|+
!
!
!
|-
|USB-IDS-1S-TEST.csv     
|
|
|-
|USB-IDS-1S-TRAIN.csv   
|
|
|-
|USB-IDS-1S-VALIDATION.csv
|
|
|}


=== Notebooks ===
{| class="wikitable"
|+
!Notebook
!Data Science step     
!
|-
|Cyber_USB-IDS_analysis.ipynb
|''Data exploration''
|
|}
| Notebook                        | Data Science step                                      |
| Notebook                        | Data Science step                                      |
|----------------------------------|---------------------------------------------------------|
|----------------------------------|---------------------------------------------------------|

Version du 12 novembre 2024 à 15:06

Développement du Use Case pédagogique "Machine Learning vs Attaque DDoS" dans le cadre du GT IA et Cyber

Catégorie : Commun Statut : Production 1 : Idée - 2 : Prototype - 3 : Validation - 4 : Production



Overview[modifier | modifier le wikicode]

The use case focuses on vast varieties of intrusions and attack activities of the network traffic. We propose three Dataset ready for exploration and modeling.

For each cyber security dataset we propose data analysis, data standardization an modeling notebooks. In some notebooks standardization step is include in the modeling notebook

  • Authors: Christian Maréchal
  • Keywords: Supervised Machine Learning, Half-Supervised Machine Learning, Clustering, Data Standardization

Plan of Study[modifier | modifier le wikicode]

  • Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook

To make things easier each notebook can be run independently.

Dataset Cse cic ids[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]

cleaned_ids2018S_test.cs     
cleaned_ids2018S_train.csv

Notebooks[modifier | modifier le wikicode]

Notebook Data Science step
Cyber_cse-cic-ids_analysis.ipynb Data exploration
Cyber_cse-cic-ids_model.ipynb   Standardization and Half-Supervised Autoencoder model

Dataset Unsw[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]

NUSW-NB15_features.utf8.csv     
UNSW_NB15S_test.csv   
UNSW_NB15S_train.csv
UNSW-NB15_1.csv
UNSW-NB15_2.csv
UNSW-NB15_3.csv
UNSW-NB15_4.csv

Notebooks[modifier | modifier le wikicode]

Notebook Data Science step     
Cyber_unsw_analysis.ipynb Data exploration
Cyber_unsw_analysisGmm.ipynb data exploration for GMM clustering
Cyber_unsw_standardization.ipynb data standardization
Cyber_unsw_autoencoder.ipynb   Binary classifier study. Half-Supervised Autoencoder modeling, we tested:
-logistic regression   
-Autoencoder Inria like   
-Autoencoder single layer   
-Autoencoder multi layers   
Cyber_unsw_complete_analysis.ipynb   data exploration
Cyber_unsw_model.ipynb   Data Supervised model, to classify attacks of different kinds, we tested:
-Random Forest Classifier (rfc)
-Support Vector Classification (svm)
-Multi-Layer Perceptron (mlp)
-Artificial Neural Network (ann)
-eXtreme Gradient Boosting (xgb)
-Convolutional Neural Network (cnn)

Dataset USB IDS[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]

USB-IDS-1S-TEST.csv     
USB-IDS-1S-TRAIN.csv   
USB-IDS-1S-VALIDATION.csv

Notebooks[modifier | modifier le wikicode]

Notebook Data Science step     
Cyber_USB-IDS_analysis.ipynb Data exploration

| Notebook | Data Science step | |----------------------------------|---------------------------------------------------------| | Cyber_cse-cic-ids_analysis.ipynb | *Data exploration* | | Cyber_cse-cic-ids_model.ipynb  | *Standardization and Half-Supervised Autoencoder model* |


| Notebook | Data Science step | |-------------------------------------|-----------------------------------------------------------------------------| | Cyber_unsw_analysis.ipynb | *Data exploration* | | Cyber_unsw_analysisGmm.ipynb | *data exploration for GMM clustering* | | Cyber_unsw_standardization.ipynb | *data standardization* | | Cyber_unsw_autoencoder.ipynb  | *Binary classifier study. Half-Supervised Autoencoder modeling, we tested:* | | | \-logistic regression | | | \-Autoencoder Inria like | | | \-Autoencoder single layer | | | \-Autoencoder multi layers | | Cyber_unsw_complete_analysis.ipynb  | *data exploration* | | Cyber_unsw_model.ipynb  | *Data Supervised model, to classify attacks of different kinds, we tested:* | | | \-Random Forest Classifier (rfc) | | | \-Support Vector Classification (svm) | | | \-Multi-Layer Perceptron (mlp) | | | \-Artificial Neural Network (ann) | | | \-eXtreme Gradient Boosting (xgb) | | | \-Convolutional Neural Network (cnn) |

Dataset USB IDS 

Dataset Unsw


Data[modifier | modifier le wikicode]

| USB-IDS-1S-TEST.csv | |---------------------------| | USB-IDS-1S-TRAIN.csv | | USB-IDS-1S-VALIDATION.csv |

Notebooks[modifier | modifier le wikicode]

| Notebook | Data Science step | |------------------------------|--------------------| | Cyber_USB-IDS_analysis.ipynb | *Data exploration* | | | |



&gt:/translate>

Groupe de travail

IA et cybersécurité