« UC5 : Machine Learning vs DDoS/en » : différence entre les versions
De Wiki Campus Cyber
(Page créée avec « UC5 : Machine Learning vs DDoS ») |
(Page créée avec « == Notebooks du use case == Retrouvez tous les éléments du Use Case sur le GitLab du Campus Cyber :https://gitlab.com/campuscyber/gt-ia-et-cyber/-/tree/main/UC5%20Cyber%20Attack%20Use%20Case%20-%20Machine%20Learning%20Vs%20DDoS?ref_type=heads<nowiki/> ») |
||
| (18 versions intermédiaires par le même utilisateur non affichées) | |||
| Ligne 5 : | Ligne 5 : | ||
|Status=Production | |Status=Production | ||
}} | }} | ||
== Overview== | == Overview== | ||
The use case focuses on vast varieties of intrusions and attack activities of the network traffic. We propose three Dataset ready for exploration and modeling. | The use case focuses on vast varieties of intrusions and attack activities of the network traffic. We propose three Dataset ready for exploration and modeling. | ||
* [CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network) | * [CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network) | ||
* [UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset) | * [UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset) | ||
* [USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html) | * [USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html) | ||
For each cyber security dataset we propose data analysis, data standardization an modeling notebooks. In some notebooks standardization step is include in the modeling notebook | For each cyber security dataset we propose data analysis, data standardization an modeling notebooks. In some notebooks standardization step is include in the modeling notebook | ||
* Authors: Christian Maréchal | * Authors: Christian Maréchal | ||
* Keywords: Supervised Machine Learning, Half-Supervised Machine Learning, Clustering, Data Standardization | * Keywords: Supervised Machine Learning, Half-Supervised Machine Learning, Clustering, Data Standardization | ||
==Plan of Study== | ==Plan of Study== | ||
* Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook | * Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook | ||
To make things easier each notebook can be run independently. | To make things easier each notebook can be run independently. | ||
== Dataset Cse cic ids == | == Dataset Cse cic ids == | ||
===Data=== | ===Data=== | ||
{| class="wikitable" | {| class="wikitable" | ||
| Ligne 61 : | Ligne 40 : | ||
| | | | ||
|} | |} | ||
===Notebooks=== | ===Notebooks=== | ||
{| class="wikitable" | {| class="wikitable" | ||
| Ligne 79 : | Ligne 56 : | ||
| | | | ||
|} | |} | ||
== Dataset Unsw == | == Dataset Unsw == | ||
=== Data === | === Data === | ||
{| class="wikitable" | {| class="wikitable" | ||
| Ligne 121 : | Ligne 94 : | ||
| | | | ||
|} | |} | ||
=== Notebooks === | === Notebooks === | ||
{| class="wikitable" | {| class="wikitable" | ||
| Ligne 195 : | Ligne 166 : | ||
| | | | ||
|} | |} | ||
== Dataset USB IDS == | == Dataset USB IDS == | ||
=== Data === | === Data === | ||
{| class="wikitable" | {| class="wikitable" | ||
| Ligne 221 : | Ligne 188 : | ||
| | | | ||
|} | |} | ||
=== Notebooks === | === Notebooks === | ||
{| class="wikitable" | {| class="wikitable" | ||
| Ligne 235 : | Ligne 200 : | ||
| | | | ||
|} | |} | ||
== Notebooks du use case == | == Notebooks du use case == | ||
Retrouvez tous les éléments du Use Case sur le GitLab du Campus Cyber :https://gitlab.com/campuscyber/gt-ia-et-cyber/-/tree/main/UC5%20Cyber%20Attack%20Use%20Case%20-%20Machine%20Learning%20Vs%20DDoS?ref_type=heads<nowiki/> | Retrouvez tous les éléments du Use Case sur le GitLab du Campus Cyber :https://gitlab.com/campuscyber/gt-ia-et-cyber/-/tree/main/UC5%20Cyber%20Attack%20Use%20Case%20-%20Machine%20Learning%20Vs%20DDoS?ref_type=heads<nowiki/> | ||
{{PageSubHeader Commun | {{PageSubHeader Commun | ||
|WorkGroup=IA et cybersécurité | |WorkGroup=IA et cybersécurité | ||
}} | }} | ||
Dernière version du 2 janvier 2025 à 14:52
Développement du Use Case pédagogique "Machine Learning vs Attaque DDoS" dans le cadre du GT IA et Cyber
Catégorie : Commun Statut : Production 1 : Idée - 2 : Prototype - 3 : Validation - 4 : Production
Overview
The use case focuses on vast varieties of intrusions and attack activities of the network traffic. We propose three Dataset ready for exploration and modeling.
- [CSE-CIC-IDS2018Datasets](https://www.unb.ca/cic/datasets/ids-2018.html#:~:text=In%20CSE-CIC-IDS2018%20dataset%2C%20we%20use%20the%20notion%20of,human%20operators%20to%20generate%20events%20on%20the%20network)
- [UNSW-NB15Datasets](https://research.unsw.edu.au/projects/unsw-nb15-dataset)
- [USB-IDS Datasets](http://idsdata.ding.unisannio.it/index.html)
For each cyber security dataset we propose data analysis, data standardization an modeling notebooks. In some notebooks standardization step is include in the modeling notebook
- Authors: Christian Maréchal
- Keywords: Supervised Machine Learning, Half-Supervised Machine Learning, Clustering, Data Standardization
Plan of Study
- Data Analysis Notebook --\> Standardization Notebook --\> Modeling Notebook
To make things easier each notebook can be run independently.
Dataset Cse cic ids
Data
| cleaned_ids2018S_test.cs | |||
| cleaned_ids2018S_train.csv |
Notebooks
| Notebook | Data Science step | |
|---|---|---|
| Cyber_cse-cic-ids_analysis.ipynb | Data exploration | |
| Cyber_cse-cic-ids_model.ipynb | Standardization and Half-Supervised Autoencoder model |
Dataset Unsw
Data
| NUSW-NB15_features.utf8.csv | ||
| UNSW_NB15S_test.csv | ||
| UNSW_NB15S_train.csv | ||
| UNSW-NB15_1.csv | ||
| UNSW-NB15_2.csv | ||
| UNSW-NB15_3.csv | ||
| UNSW-NB15_4.csv |
Notebooks
| Notebook | Data Science step | |
|---|---|---|
| Cyber_unsw_analysis.ipynb | Data exploration | |
| Cyber_unsw_analysisGmm.ipynb | data exploration for GMM clustering | |
| Cyber_unsw_standardization.ipynb | data standardization | |
| Cyber_unsw_autoencoder.ipynb | Binary classifier study. Half-Supervised Autoencoder modeling, we tested: | |
| -logistic regression | ||
| -Autoencoder Inria like | ||
| -Autoencoder single layer | ||
| -Autoencoder multi layers | ||
| Cyber_unsw_complete_analysis.ipynb | data exploration | |
| Cyber_unsw_model.ipynb | Data Supervised model, to classify attacks of different kinds, we tested: | |
| -Random Forest Classifier (rfc) | ||
| -Support Vector Classification (svm) | ||
| -Multi-Layer Perceptron (mlp) | ||
| -Artificial Neural Network (ann) | ||
| -eXtreme Gradient Boosting (xgb) | ||
| -Convolutional Neural Network (cnn) |
Dataset USB IDS
Data
| USB-IDS-1S-TEST.csv | ||
| USB-IDS-1S-TRAIN.csv | ||
| USB-IDS-1S-VALIDATION.csv |
Notebooks
| Notebook | Data Science step | |
|---|---|---|
| Cyber_USB-IDS_analysis.ipynb | Data exploration |
Notebooks du use case
Retrouvez tous les éléments du Use Case sur le GitLab du Campus Cyber :https://gitlab.com/campuscyber/gt-ia-et-cyber/-/tree/main/UC5%20Cyber%20Attack%20Use%20Case%20-%20Machine%20Learning%20Vs%20DDoS?ref_type=heads
