Método híbrido de detecção de intrusão aplicando inteligência artificial
Autor(a) principal: | |
---|---|
Data de Publicação: | 2018 |
Tipo de documento: | Dissertação |
Idioma: | por |
Título da fonte: | Biblioteca Digital de Teses e Dissertações do UNIOESTE |
Texto Completo: | http://tede.unioeste.br/handle/tede/3534 |
Resumo: | The last decades have been marked by rapid technological development, which was accelerated by the creation of computer networks, and emphatically by the spread and growth of the Internet. As a consequence of this context, private and confidential data of the most diverse areas began to be treated and stored in distributed environments, making vital the security of this data. Due to this fact, the number and variety of attacks on computer systems increased, mainly due to the exploitation of vulnerabilities. Thence, the area of intrusion detection research has gained notoriety, and hybrid detection methods using Artificial Intelligence techniques have been achieving more satisfactory results than the use of such approaches individually. This work consists of a Hybrid method of intrusion detection combining Artificial Neural Network (ANN) and K-Nearest Neighbors KNN techniques. The evaluation of the proposed Hybrid method and the comparison with ANN and KNN techniques individually were developed according to the steps of the Knowledge Discovery in Databases process. For the realization of the experiments, the NSL-KDD public database was selected and, with the attribute selection task, five sub-bases were derived. The experimental results showed that the Hybrid method had better accuracy in relation to ANN in all configurations, whereas in relation to KNN, it reached equivalent accuracy and showed a significant reduction in processing time. Finally, it should be emphasized that among the hybrid configurations evaluated quantitatively and statistically, the best performances in terms of accuracy and classification time were obtained by the hybrid approaches HIB(P25-N75)-C, HIB(P25-N75)-30 and HIB(P25-N75)-20. |
id |
UNIOESTE-1_41b1dc4e03a443730ad8ef3e45b41360 |
---|---|
oai_identifier_str |
oai:tede.unioeste.br:tede/3534 |
network_acronym_str |
UNIOESTE-1 |
network_name_str |
Biblioteca Digital de Teses e Dissertações do UNIOESTE |
repository_id_str |
|
spelling |
Machado, Renato Bobsonhttp://lattes.cnpq.br/8407723021436270Machado, Renato Bobsinhttp://lattes.cnpq.br/8407723021436270Silva, Rômulo Césarhttp://lattes.cnpq.br/6868372533000061Reginato, Romeuhttp://lattes.cnpq.br/9166033914580991http://lattes.cnpq.br/2212198985055928Souza, Cristiano Antonio de2018-04-06T14:31:39Z2018-02-09Souza, Cristiano Antonio de. Método híbrido de detecção de intrusão aplicando inteligência artificial. 2018. 113 p.. Dissertação (Mestrado em Engenharia Elétrica e Computação) - Universidade Estadual do Oeste do Paraná, Campus de Foz do Iguaçu, 2018.http://tede.unioeste.br/handle/tede/3534The last decades have been marked by rapid technological development, which was accelerated by the creation of computer networks, and emphatically by the spread and growth of the Internet. As a consequence of this context, private and confidential data of the most diverse areas began to be treated and stored in distributed environments, making vital the security of this data. Due to this fact, the number and variety of attacks on computer systems increased, mainly due to the exploitation of vulnerabilities. Thence, the area of intrusion detection research has gained notoriety, and hybrid detection methods using Artificial Intelligence techniques have been achieving more satisfactory results than the use of such approaches individually. This work consists of a Hybrid method of intrusion detection combining Artificial Neural Network (ANN) and K-Nearest Neighbors KNN techniques. The evaluation of the proposed Hybrid method and the comparison with ANN and KNN techniques individually were developed according to the steps of the Knowledge Discovery in Databases process. For the realization of the experiments, the NSL-KDD public database was selected and, with the attribute selection task, five sub-bases were derived. The experimental results showed that the Hybrid method had better accuracy in relation to ANN in all configurations, whereas in relation to KNN, it reached equivalent accuracy and showed a significant reduction in processing time. Finally, it should be emphasized that among the hybrid configurations evaluated quantitatively and statistically, the best performances in terms of accuracy and classification time were obtained by the hybrid approaches HIB(P25-N75)-C, HIB(P25-N75)-30 and HIB(P25-N75)-20.As últimas décadas têm sido marcadas pelo rápido desenvolvimento tecnológico, o qual foi acelerado pela criação das redes de computadores, e enfaticamente pela disseminação e crescimento da Internet. Como consequência deste contexto, dados privados e sigilosos das mais diversas áreas passaram a ser tratados e armazenados em ambientes distribuídos, tornando-se vital a segurança dos mesmos. Decorrente ao fato, observa-se um crescimento na quantidade e variedade de ataques a sistemas computacionais, principalmente pela exploração de vulnerabilidades. Em função desse contexto, a área de pesquisa em detecção de intrusão tem ganhado notoriedade, e os métodos híbridos de detecção utilizando técnicas de Inteligência Artificial vêm alcançando resultados mais satisfatórios do que a utilização de tais abordagens de modo individual. Este trabalho consiste em um método Híbrido de detecção de intrusão combinando as técnicas Redes Neurais Artificiais (RNA) e K-Nearest Neighbors (KNN). A avaliação do método Híbrido proposto e a comparação com as técnicas de RNA e KNN isoladamente foram desenvolvidas de acordo com as etapas do processo de Knowledge Discovery in Databases (KDD) . Para a realização dos experimentos selecionou-se a base de dados pública NSL-KDD, sendo que com o processo de seleção de atributos derivou-se cinco sub-bases. Os resultados experimentais comprovaram que o método Híbrido teve melhor acurácia em relação a RNA em todas as configurações, ao passo que em relação ao KNN, alcançou acurácia equivalente e apresentou relevante redução no tempo de processamento. Por fim, cabe ressaltar que dentre as configurações híbridas avaliadas quantitativa e estatisticamente, os melhores desempenhos em termos de acurácia e tempo de classificação foram obtidos pelas abordagens híbridas HIB(P25- N75)-C, HIB(P25-N75)-30 e HIB(P25-N75)-20.Submitted by Miriam Lucas (miriam.lucas@unioeste.br) on 2018-04-06T14:31:39Z No. of bitstreams: 2 Cristiano_Antonio_de_Souza_2018.pdf: 2020023 bytes, checksum: 1105b369d497031759e007333c20cad9 (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5)Made available in DSpace on 2018-04-06T14:31:39Z (GMT). No. of bitstreams: 2 Cristiano_Antonio_de_Souza_2018.pdf: 2020023 bytes, checksum: 1105b369d497031759e007333c20cad9 (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) Previous issue date: 2018-02-09Coordenação de Aperfeiçoamento de Pessoal de Nível Superior - CAPESapplication/pdfpor8774263440366006536500Universidade Estadual do Oeste do ParanáFoz do IguaçuPrograma de Pós-Graduação em Engenharia Elétrica e ComputaçãoUNIOESTEBrasilCentro de Engenharias e Ciências Exatashttp://creativecommons.org/licenses/by-nc-nd/4.0/info:eu-repo/semantics/openAccessRedes neurais artificiaisK-Nearest neighborSegurança computacionalArtificial neural networksK-Nearest neighborNetwork securitySISTEMAS DINÂMICOS E ENERGÉTICOSMétodo híbrido de detecção de intrusão aplicando inteligência artificialHybrid intrusion detection applying artificial inteligenceinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesis-1040084669565072649600600600-77344021240821469222075167498588264571reponame:Biblioteca Digital de Teses e Dissertações do UNIOESTEinstname:Universidade Estadual do Oeste do Paraná (UNIOESTE)instacron:UNIOESTEORIGINALCristiano_Antonio_de_Souza_2018.pdfCristiano_Antonio_de_Souza_2018.pdfapplication/pdf2020023http://tede.unioeste.br:8080/tede/bitstream/tede/3534/5/Cristiano_Antonio_de_Souza_2018.pdf1105b369d497031759e007333c20cad9MD55CC-LICENSElicense_urllicense_urltext/plain; charset=utf-849http://tede.unioeste.br:8080/tede/bitstream/tede/3534/2/license_url4afdbb8c545fd630ea7db775da747b2fMD52license_textlicense_texttext/html; charset=utf-80http://tede.unioeste.br:8080/tede/bitstream/tede/3534/3/license_textd41d8cd98f00b204e9800998ecf8427eMD53license_rdflicense_rdfapplication/rdf+xml; charset=utf-80http://tede.unioeste.br:8080/tede/bitstream/tede/3534/4/license_rdfd41d8cd98f00b204e9800998ecf8427eMD54LICENSElicense.txtlicense.txttext/plain; charset=utf-82165http://tede.unioeste.br:8080/tede/bitstream/tede/3534/1/license.txtbd3efa91386c1718a7f26a329fdcb468MD51tede/35342018-04-06 11:31:39.928oai:tede.unioeste.br:tede/3534Tk9UQTogQ09MT1FVRSBBUVVJIEEgU1VBIFBSw5NQUklBIExJQ0VOw4dBCkVzdGEgbGljZW7Dp2EgZGUgZXhlbXBsbyDDqSBmb3JuZWNpZGEgYXBlbmFzIHBhcmEgZmlucyBpbmZvcm1hdGl2b3MuCgpMSUNFTsOHQSBERSBESVNUUklCVUnDh8ODTyBOw4NPLUVYQ0xVU0lWQQoKQ29tIGEgYXByZXNlbnRhw6fDo28gZGVzdGEgbGljZW7Dp2EsIHZvY8OqIChvIGF1dG9yIChlcykgb3UgbyB0aXR1bGFyIGRvcyBkaXJlaXRvcyBkZSBhdXRvcikgY29uY2VkZSDDoCBVbml2ZXJzaWRhZGUgClhYWCAoU2lnbGEgZGEgVW5pdmVyc2lkYWRlKSBvIGRpcmVpdG8gbsOjby1leGNsdXNpdm8gZGUgcmVwcm9kdXppciwgIHRyYWR1emlyIChjb25mb3JtZSBkZWZpbmlkbyBhYmFpeG8pLCBlL291IApkaXN0cmlidWlyIGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyAoaW5jbHVpbmRvIG8gcmVzdW1vKSBwb3IgdG9kbyBvIG11bmRvIG5vIGZvcm1hdG8gaW1wcmVzc28gZSBlbGV0csO0bmljbyBlIAplbSBxdWFscXVlciBtZWlvLCBpbmNsdWluZG8gb3MgZm9ybWF0b3Mgw6F1ZGlvIG91IHbDrWRlby4KClZvY8OqIGNvbmNvcmRhIHF1ZSBhIFNpZ2xhIGRlIFVuaXZlcnNpZGFkZSBwb2RlLCBzZW0gYWx0ZXJhciBvIGNvbnRlw7pkbywgdHJhbnNwb3IgYSBzdWEgdGVzZSBvdSBkaXNzZXJ0YcOnw6NvIApwYXJhIHF1YWxxdWVyIG1laW8gb3UgZm9ybWF0byBwYXJhIGZpbnMgZGUgcHJlc2VydmHDp8Ojby4KClZvY8OqIHRhbWLDqW0gY29uY29yZGEgcXVlIGEgU2lnbGEgZGUgVW5pdmVyc2lkYWRlIHBvZGUgbWFudGVyIG1haXMgZGUgdW1hIGPDs3BpYSBhIHN1YSB0ZXNlIG91IApkaXNzZXJ0YcOnw6NvIHBhcmEgZmlucyBkZSBzZWd1cmFuw6dhLCBiYWNrLXVwIGUgcHJlc2VydmHDp8Ojby4KClZvY8OqIGRlY2xhcmEgcXVlIGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyDDqSBvcmlnaW5hbCBlIHF1ZSB2b2PDqiB0ZW0gbyBwb2RlciBkZSBjb25jZWRlciBvcyBkaXJlaXRvcyBjb250aWRvcyAKbmVzdGEgbGljZW7Dp2EuIFZvY8OqIHRhbWLDqW0gZGVjbGFyYSBxdWUgbyBkZXDDs3NpdG8gZGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyBuw6NvLCBxdWUgc2VqYSBkZSBzZXUgCmNvbmhlY2ltZW50bywgaW5mcmluZ2UgZGlyZWl0b3MgYXV0b3JhaXMgZGUgbmluZ3XDqW0uCgpDYXNvIGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyBjb250ZW5oYSBtYXRlcmlhbCBxdWUgdm9jw6ogbsOjbyBwb3NzdWkgYSB0aXR1bGFyaWRhZGUgZG9zIGRpcmVpdG9zIGF1dG9yYWlzLCB2b2PDqiAKZGVjbGFyYSBxdWUgb2J0ZXZlIGEgcGVybWlzc8OjbyBpcnJlc3RyaXRhIGRvIGRldGVudG9yIGRvcyBkaXJlaXRvcyBhdXRvcmFpcyBwYXJhIGNvbmNlZGVyIMOgIFNpZ2xhIGRlIFVuaXZlcnNpZGFkZSAKb3MgZGlyZWl0b3MgYXByZXNlbnRhZG9zIG5lc3RhIGxpY2Vuw6dhLCBlIHF1ZSBlc3NlIG1hdGVyaWFsIGRlIHByb3ByaWVkYWRlIGRlIHRlcmNlaXJvcyBlc3TDoSBjbGFyYW1lbnRlIAppZGVudGlmaWNhZG8gZSByZWNvbmhlY2lkbyBubyB0ZXh0byBvdSBubyBjb250ZcO6ZG8gZGEgdGVzZSBvdSBkaXNzZXJ0YcOnw6NvIG9yYSBkZXBvc2l0YWRhLgoKQ0FTTyBBIFRFU0UgT1UgRElTU0VSVEHDh8ODTyBPUkEgREVQT1NJVEFEQSBURU5IQSBTSURPIFJFU1VMVEFETyBERSBVTSBQQVRST0PDjU5JTyBPVSAKQVBPSU8gREUgVU1BIEFHw4pOQ0lBIERFIEZPTUVOVE8gT1UgT1VUUk8gT1JHQU5JU01PIFFVRSBOw4NPIFNFSkEgQSBTSUdMQSBERSAKVU5JVkVSU0lEQURFLCBWT0PDiiBERUNMQVJBIFFVRSBSRVNQRUlUT1UgVE9ET1MgRSBRVUFJU1FVRVIgRElSRUlUT1MgREUgUkVWSVPDg08gQ09NTyAKVEFNQsOJTSBBUyBERU1BSVMgT0JSSUdBw4fDlUVTIEVYSUdJREFTIFBPUiBDT05UUkFUTyBPVSBBQ09SRE8uCgpBIFNpZ2xhIGRlIFVuaXZlcnNpZGFkZSBzZSBjb21wcm9tZXRlIGEgaWRlbnRpZmljYXIgY2xhcmFtZW50ZSBvIHNldSBub21lIChzKSBvdSBvKHMpIG5vbWUocykgZG8ocykgCmRldGVudG9yKGVzKSBkb3MgZGlyZWl0b3MgYXV0b3JhaXMgZGEgdGVzZSBvdSBkaXNzZXJ0YcOnw6NvLCBlIG7Do28gZmFyw6EgcXVhbHF1ZXIgYWx0ZXJhw6fDo28sIGFsw6ltIGRhcXVlbGFzIApjb25jZWRpZGFzIHBvciBlc3RhIGxpY2Vuw6dhLgo=Biblioteca Digital de Teses e Dissertaçõeshttp://tede.unioeste.br/PUBhttp://tede.unioeste.br/oai/requestbiblioteca.repositorio@unioeste.bropendoar:2018-04-06T14:31:39Biblioteca Digital de Teses e Dissertações do UNIOESTE - Universidade Estadual do Oeste do Paraná (UNIOESTE)false |
dc.title.por.fl_str_mv |
Método híbrido de detecção de intrusão aplicando inteligência artificial |
dc.title.alternative.eng.fl_str_mv |
Hybrid intrusion detection applying artificial inteligence |
title |
Método híbrido de detecção de intrusão aplicando inteligência artificial |
spellingShingle |
Método híbrido de detecção de intrusão aplicando inteligência artificial Souza, Cristiano Antonio de Redes neurais artificiais K-Nearest neighbor Segurança computacional Artificial neural networks K-Nearest neighbor Network security SISTEMAS DINÂMICOS E ENERGÉTICOS |
title_short |
Método híbrido de detecção de intrusão aplicando inteligência artificial |
title_full |
Método híbrido de detecção de intrusão aplicando inteligência artificial |
title_fullStr |
Método híbrido de detecção de intrusão aplicando inteligência artificial |
title_full_unstemmed |
Método híbrido de detecção de intrusão aplicando inteligência artificial |
title_sort |
Método híbrido de detecção de intrusão aplicando inteligência artificial |
author |
Souza, Cristiano Antonio de |
author_facet |
Souza, Cristiano Antonio de |
author_role |
author |
dc.contributor.advisor1.fl_str_mv |
Machado, Renato Bobson |
dc.contributor.advisor1Lattes.fl_str_mv |
http://lattes.cnpq.br/8407723021436270 |
dc.contributor.referee1.fl_str_mv |
Machado, Renato Bobsin |
dc.contributor.referee1Lattes.fl_str_mv |
http://lattes.cnpq.br/8407723021436270 |
dc.contributor.referee2.fl_str_mv |
Silva, Rômulo César |
dc.contributor.referee2Lattes.fl_str_mv |
http://lattes.cnpq.br/6868372533000061 |
dc.contributor.referee3.fl_str_mv |
Reginato, Romeu |
dc.contributor.referee3Lattes.fl_str_mv |
http://lattes.cnpq.br/9166033914580991 |
dc.contributor.authorLattes.fl_str_mv |
http://lattes.cnpq.br/2212198985055928 |
dc.contributor.author.fl_str_mv |
Souza, Cristiano Antonio de |
contributor_str_mv |
Machado, Renato Bobson Machado, Renato Bobsin Silva, Rômulo César Reginato, Romeu |
dc.subject.por.fl_str_mv |
Redes neurais artificiais K-Nearest neighbor Segurança computacional |
topic |
Redes neurais artificiais K-Nearest neighbor Segurança computacional Artificial neural networks K-Nearest neighbor Network security SISTEMAS DINÂMICOS E ENERGÉTICOS |
dc.subject.eng.fl_str_mv |
Artificial neural networks K-Nearest neighbor Network security |
dc.subject.cnpq.fl_str_mv |
SISTEMAS DINÂMICOS E ENERGÉTICOS |
description |
The last decades have been marked by rapid technological development, which was accelerated by the creation of computer networks, and emphatically by the spread and growth of the Internet. As a consequence of this context, private and confidential data of the most diverse areas began to be treated and stored in distributed environments, making vital the security of this data. Due to this fact, the number and variety of attacks on computer systems increased, mainly due to the exploitation of vulnerabilities. Thence, the area of intrusion detection research has gained notoriety, and hybrid detection methods using Artificial Intelligence techniques have been achieving more satisfactory results than the use of such approaches individually. This work consists of a Hybrid method of intrusion detection combining Artificial Neural Network (ANN) and K-Nearest Neighbors KNN techniques. The evaluation of the proposed Hybrid method and the comparison with ANN and KNN techniques individually were developed according to the steps of the Knowledge Discovery in Databases process. For the realization of the experiments, the NSL-KDD public database was selected and, with the attribute selection task, five sub-bases were derived. The experimental results showed that the Hybrid method had better accuracy in relation to ANN in all configurations, whereas in relation to KNN, it reached equivalent accuracy and showed a significant reduction in processing time. Finally, it should be emphasized that among the hybrid configurations evaluated quantitatively and statistically, the best performances in terms of accuracy and classification time were obtained by the hybrid approaches HIB(P25-N75)-C, HIB(P25-N75)-30 and HIB(P25-N75)-20. |
publishDate |
2018 |
dc.date.accessioned.fl_str_mv |
2018-04-06T14:31:39Z |
dc.date.issued.fl_str_mv |
2018-02-09 |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
format |
masterThesis |
status_str |
publishedVersion |
dc.identifier.citation.fl_str_mv |
Souza, Cristiano Antonio de. Método híbrido de detecção de intrusão aplicando inteligência artificial. 2018. 113 p.. Dissertação (Mestrado em Engenharia Elétrica e Computação) - Universidade Estadual do Oeste do Paraná, Campus de Foz do Iguaçu, 2018. |
dc.identifier.uri.fl_str_mv |
http://tede.unioeste.br/handle/tede/3534 |
identifier_str_mv |
Souza, Cristiano Antonio de. Método híbrido de detecção de intrusão aplicando inteligência artificial. 2018. 113 p.. Dissertação (Mestrado em Engenharia Elétrica e Computação) - Universidade Estadual do Oeste do Paraná, Campus de Foz do Iguaçu, 2018. |
url |
http://tede.unioeste.br/handle/tede/3534 |
dc.language.iso.fl_str_mv |
por |
language |
por |
dc.relation.program.fl_str_mv |
-1040084669565072649 |
dc.relation.confidence.fl_str_mv |
600 600 600 |
dc.relation.department.fl_str_mv |
-7734402124082146922 |
dc.relation.sponsorship.fl_str_mv |
2075167498588264571 |
dc.rights.driver.fl_str_mv |
http://creativecommons.org/licenses/by-nc-nd/4.0/ info:eu-repo/semantics/openAccess |
rights_invalid_str_mv |
http://creativecommons.org/licenses/by-nc-nd/4.0/ |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.publisher.none.fl_str_mv |
Universidade Estadual do Oeste do Paraná Foz do Iguaçu |
dc.publisher.program.fl_str_mv |
Programa de Pós-Graduação em Engenharia Elétrica e Computação |
dc.publisher.initials.fl_str_mv |
UNIOESTE |
dc.publisher.country.fl_str_mv |
Brasil |
dc.publisher.department.fl_str_mv |
Centro de Engenharias e Ciências Exatas |
publisher.none.fl_str_mv |
Universidade Estadual do Oeste do Paraná Foz do Iguaçu |
dc.source.none.fl_str_mv |
reponame:Biblioteca Digital de Teses e Dissertações do UNIOESTE instname:Universidade Estadual do Oeste do Paraná (UNIOESTE) instacron:UNIOESTE |
instname_str |
Universidade Estadual do Oeste do Paraná (UNIOESTE) |
instacron_str |
UNIOESTE |
institution |
UNIOESTE |
reponame_str |
Biblioteca Digital de Teses e Dissertações do UNIOESTE |
collection |
Biblioteca Digital de Teses e Dissertações do UNIOESTE |
bitstream.url.fl_str_mv |
http://tede.unioeste.br:8080/tede/bitstream/tede/3534/5/Cristiano_Antonio_de_Souza_2018.pdf http://tede.unioeste.br:8080/tede/bitstream/tede/3534/2/license_url http://tede.unioeste.br:8080/tede/bitstream/tede/3534/3/license_text http://tede.unioeste.br:8080/tede/bitstream/tede/3534/4/license_rdf http://tede.unioeste.br:8080/tede/bitstream/tede/3534/1/license.txt |
bitstream.checksum.fl_str_mv |
1105b369d497031759e007333c20cad9 4afdbb8c545fd630ea7db775da747b2f d41d8cd98f00b204e9800998ecf8427e d41d8cd98f00b204e9800998ecf8427e bd3efa91386c1718a7f26a329fdcb468 |
bitstream.checksumAlgorithm.fl_str_mv |
MD5 MD5 MD5 MD5 MD5 |
repository.name.fl_str_mv |
Biblioteca Digital de Teses e Dissertações do UNIOESTE - Universidade Estadual do Oeste do Paraná (UNIOESTE) |
repository.mail.fl_str_mv |
biblioteca.repositorio@unioeste.br |
_version_ |
1801124548217667584 |