« UC5 : Machine Learning vs DDoS » : différence entre les versions

Dernière version du 2 janvier 2025 à 15:51

Développement du Use Case pédagogique "Machine Learning vs Attaque DDoS" dans le cadre du GT IA et Cyber

Catégorie : Commun Statut : Production 1 : Idée - 2 : Prototype - 3 : Validation - 4 : Production

Overview[modifier | modifier le wikicode]

The use case focuses on vast varieties of intrusions and attack activities of the network traffic. We propose three Dataset ready for exploration and modeling.

[CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network)

[UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset)

[USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html)

For each cyber security dataset we propose data analysis, data standardization an modeling notebooks. In some notebooks standardization step is include in the modeling notebook

Authors: Christian Maréchal
Keywords: Supervised Machine Learning, Half-Supervised Machine Learning, Clustering, Data Standardization

Plan of Study[modifier | modifier le wikicode]

Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook

To make things easier each notebook can be run independently.

Dataset Cse cic ids[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]


cleaned_ids2018S_test.cs
cleaned_ids2018S_train.csv

Notebooks[modifier | modifier le wikicode]


Notebook	Data Science step
Cyber_cse-cic-ids_analysis.ipynb	Data exploration
Cyber_cse-cic-ids_model.ipynb	Standardization and Half-Supervised Autoencoder model

Dataset Unsw[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]



NUSW-NB15_features.utf8.csv
UNSW_NB15S_test.csv
UNSW_NB15S_train.csv
UNSW-NB15_1.csv
UNSW-NB15_2.csv
UNSW-NB15_3.csv
UNSW-NB15_4.csv

Notebooks[modifier | modifier le wikicode]


Notebook	Data Science step
Cyber_unsw_analysis.ipynb	Data exploration
Cyber_unsw_analysisGmm.ipynb	data exploration for GMM clustering
Cyber_unsw_standardization.ipynb	data standardization
Cyber_unsw_autoencoder.ipynb	Binary classifier study. Half-Supervised Autoencoder modeling, we tested:
	-logistic regression
	-Autoencoder Inria like
	-Autoencoder single layer
	-Autoencoder multi layers
Cyber_unsw_complete_analysis.ipynb	data exploration
Cyber_unsw_model.ipynb	Data Supervised model, to classify attacks of different kinds, we tested:
	-Random Forest Classifier (rfc)
	-Support Vector Classification (svm)
	-Multi-Layer Perceptron (mlp)
	-Artificial Neural Network (ann)
	-eXtreme Gradient Boosting (xgb)
	-Convolutional Neural Network (cnn)

Dataset USB IDS[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]



USB-IDS-1S-TEST.csv
USB-IDS-1S-TRAIN.csv
USB-IDS-1S-VALIDATION.csv

Notebooks[modifier | modifier le wikicode]


Notebook	Data Science step
Cyber_USB-IDS_analysis.ipynb	Data exploration

Notebooks du use case[modifier | modifier le wikicode]

Retrouvez tous les éléments du Use Case sur le GitLab du Campus Cyber :https://gitlab.com/campuscyber/gt-ia-et-cyber/-/tree/main/UC5%20Cyber%20Attack%20Use%20Case%20-%20Machine%20Learning%20Vs%20DDoS?ref_type=heads

Groupe de travail

IA et cybersécurité

@@ Ligne 1 : / Ligne 1 : @@
 {{Commun
 |ShortDescription FR=Développement du Use Case pédagogique "Machine Learning vs Attaque DDoS" dans le cadre du GT IA et Cyber
-|ImageStr=MachinelearningVS.png
+|ShortDescription EN=Development of the educational Use Case ‘Machine Learning vs DDoS Attack’ as part of the AI and Cyber WG
+|ImageStr=Mars.png
 |Status=Production
 }}
-&gt:translate>
+<translate>
-== Overview==
+== Overview== <!--T:1-->
-The use case focuses on vast varieties of intrusions and attack activities of
+The use case focuses on vast varieties of intrusions and attack activities of the network traffic. We propose three Dataset ready for exploration and modeling.
-the network traffic. We propose three Dataset ready for exploration and modeling.
-[CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network)
+<!--T:2-->
+* [CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network)
-[UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset)
+<!--T:3-->
+* [UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset)
-[USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html)
+<!--T:4-->
+* [USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html)
-For each cyber security dataset we propose data analysis, data standardization
+<!--T:5-->
-an modeling notebooks. In some notebooks standardization step is include in the
+For each cyber security dataset we propose data analysis, data standardization an modeling notebooks. In some notebooks standardization step is include in the modeling notebook
-modeling notebook.
-**Authors**: Christian Maréchal
+<!--T:6-->
+* Authors: Christian Maréchal
+* Keywords: Supervised Machine Learning, Half-Supervised Machine Learning, Clustering, Data Standardization
-**Keywords**: Supervised Machine Learning, Half-Supervised Machine Learning,
+==Plan of Study== <!--T:7-->
-Clustering, Data Standardization
-==Plan of Study==
+<!--T:8-->
+* Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook
--   Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook
+<!--T:9-->
 To make things easier each notebook can be run independently.
-Dataset Cse cic ids
+== Dataset Cse cic ids == <!--T:10-->
--------------------
-===Data===
-| cleaned_ids2018S_test.cs   |
-|----------------------------|
-| cleaned_ids2018S_train.csv |
-===Notebooks===
-| Notebook                         | Data Science step                                       |
-|----------------------------------|---------------------------------------------------------|
-| Cyber_cse-cic-ids_analysis.ipynb | *Data exploration*                                      |
-| Cyber_cse-cic-ids_model.ipynb    | *Standardization and Half-Supervised Autoencoder model* |
-Dataset Unsw
-------------
-===Data===
-| NUSW-NB15_features.utf8.csv |
-|-----------------------------|
-| UNSW_NB15S_test.csv         |
-| UNSW_NB15S_train.csv        |
-| UNSW-NB15_1.csv             |
-| UNSW-NB15_2.csv             |
-| UNSW-NB15_3.csv             |
-| UNSW-NB15_4.csv             |
-==Notebooks==
-| Notebook                            | Data Science step                                                           |
-|-------------------------------------|-----------------------------------------------------------------------------|
-| Cyber_unsw_analysis.ipynb           | *Data exploration*                                                          |
-| Cyber_unsw_analysisGmm.ipynb        | *data exploration for GMM clustering*                                       |
-| Cyber_unsw_standardization.ipynb    | *data standardization*                                                      |
-| Cyber_unsw_autoencoder.ipynb        | *Binary classifier study. Half-Supervised Autoencoder modeling, we tested:* |
-|                                     | \-logistic regression                                                       |
-|                                     | \-Autoencoder Inria like                                                    |
-|                                     | \-Autoencoder single layer                                                  |
-|                                     | \-Autoencoder multi layers                                                  |
-| Cyber_unsw_complete_analysis.ipynb  | *data exploration*                                                          |
-| Cyber_unsw_model.ipynb              | *Data Supervised model, to classify attacks of different kinds, we tested:* |
-|                                     | \-Random Forest Classifier (rfc)                                            |
-|                                     | \-Support Vector Classification (svm)                                       |
-|                                     | \-Multi-Layer Perceptron (mlp)                                              |
-|                                     | \-Artificial Neural Network (ann)                                           |
-|                                     | \-eXtreme Gradient Boosting (xgb)                                           |
-|                                     | \-Convolutional Neural Network (cnn)                                        |
-Dataset USB IDS
+===Data=== <!--T:11-->
-----------------
+{| class="wikitable"
+|+
+|cleaned_ids2018S_test.cs
+|
+|
+|
+|-
+|cleaned_ids2018S_train.csv
+|
+|
+|
+|}
-==Data==
+===Notebooks=== <!--T:12-->
+{| class="wikitable"
+|+
+!Notebook
+!Data Science step
+!
+|-
+|Cyber_cse-cic-ids_analysis.ipynb
+|''Data exploration''
+|
+|-
+|Cyber_cse-cic-ids_model.ipynb
+|''Standardization and Half-Supervised Autoencoder model''
+|
+|}
-| USB-IDS-1S-TEST.csv       |
+== Dataset Unsw == <!--T:13-->
-|---------------------------|
-| USB-IDS-1S-TRAIN.csv      |
-| USB-IDS-1S-VALIDATION.csv |
-==Notebooks==
+=== Data === <!--T:14-->
+{| class="wikitable"
+|+
+!
+!
+!
+|-
+|NUSW-NB15_features.utf8.csv
+|
+|
+|-
+|UNSW_NB15S_test.csv
+|
+|
+|-
+|UNSW_NB15S_train.csv
+|
+|
+|-
+|UNSW-NB15_1.csv
+|
+|
+|-
+|UNSW-NB15_2.csv
+|
+|
+|-
+|UNSW-NB15_3.csv
+|
+|
+|-
+|UNSW-NB15_4.csv
+|
+|
+|}
-| Notebook                     | Data Science step  |
+=== Notebooks === <!--T:15-->
-|------------------------------|--------------------|
+{| class="wikitable"
-| Cyber_USB-IDS_analysis.ipynb | *Data exploration* |
+|+
-|                              |                    |
+!Notebook
+!Data Science step
+!
+|-
+|Cyber_unsw_analysis.ipynb
+|''Data exploration''
+|
+|-
+|Cyber_unsw_analysisGmm.ipynb
+|''data exploration for GMM clustering''
+|
+|-
+|Cyber_unsw_standardization.ipynb
+|''data standardization''
+|
+|-
+|Cyber_unsw_autoencoder.ipynb
+|''Binary classifier study. Half-Supervised Autoencoder modeling, we tested:''
+|
+|-
+|
+| -logistic regression
+|
+|-
+|
+| -Autoencoder Inria like
+|
+|-
+|
+| -Autoencoder single layer
+|
+|-
+|
+| -Autoencoder multi layers
+|
+|-
+|Cyber_unsw_complete_analysis.ipynb
+|''data exploration''
+|
+|-
+|Cyber_unsw_model.ipynb
+|''Data Supervised model, to classify attacks of different kinds, we tested:''
+|
+|-
+|
+| -Random Forest Classifier (rfc)
+|
+|-
+|
+| -Support Vector Classification (svm)
+|
+|-
+|
+| -Multi-Layer Perceptron (mlp)
+|
+|-
+|
+| -Artificial Neural Network (ann)
+|
+|-
+|
+| -eXtreme Gradient Boosting (xgb)
+|
+|-
+|
+| -Convolutional Neural Network (cnn)
+|
+|}
+== Dataset USB IDS == <!--T:16-->
+=== Data === <!--T:17-->
+{| class="wikitable"
+|+
+!
+!
+!
+|-
+|USB-IDS-1S-TEST.csv
+|
+|
+|-
+|USB-IDS-1S-TRAIN.csv
+|
+|
+|-
+|USB-IDS-1S-VALIDATION.csv
+|
+|
+|}
+=== Notebooks === <!--T:18-->
+{| class="wikitable"
+|+
+!Notebook
+!Data Science step
+!
+|-
+|Cyber_USB-IDS_analysis.ipynb
+|''Data exploration''
+|
+|}
-&gt:/translate>
+== Notebooks du use case == <!--T:19-->
+Retrouvez tous les éléments du Use Case sur le GitLab du Campus Cyber :https://gitlab.com/campuscyber/gt-ia-et-cyber/-/tree/main/UC5%20Cyber%20Attack%20Use%20Case%20-%20Machine%20Learning%20Vs%20DDoS?ref_type=heads<nowiki/>
+</translate>
 {{PageSubHeader Commun
 |WorkGroup=IA et cybersécurité
 }}

« UC5 : Machine Learning vs DDoS » : différence entre les versions

Dernière version du 2 janvier 2025 à 15:51

Overview[modifier | modifier le wikicode]

Plan of Study[modifier | modifier le wikicode]

Dataset Cse cic ids[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]

Notebooks[modifier | modifier le wikicode]

Dataset Unsw[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]

Notebooks[modifier | modifier le wikicode]

Dataset USB IDS[modifier | modifier le wikicode]

Data[modifier | modifier le wikicode]

Notebooks[modifier | modifier le wikicode]

Notebooks du use case[modifier | modifier le wikicode]

Groupe de travail

« UC5 : Machine Learning vs DDoS » : différence entre les versions