Committee Chair

Sakib, Shahnewaz Karim

Committee Member

Kizza, Joseph; Qin, Hong

Department

Dept. of Computer Science and Engineering

College

College of Engineering and Computer Science

Publisher

University of Tennessee at Chattanooga

Place of Publication

Chattanooga (Tenn.)

Abstract

Intrusion detection systems (IDS) can be improved by using machine learning to teach the IDS what traffic is normal and therefore should be allowed into a network, or what traffic is abnormal and should be denied access to a network. The performance of intrusion detection systems can be improved through the use of machine learning methods that can accurately identify and classify normal attack versus attack traffic. There are numerous machine learning methods that can be employed for the purpose of improving intrusion detection. We use the NSL-KDD dataset to evaluate various machine learning models in order to determine the most relevant features for differentiating between normal and attack traffic. Then, we perform SHAP analysis to determine which features have greater effect on the models.

Degree

M. S.; A thesis submitted to the faculty of the University of Tennessee at Chattanooga in partial fulfillment of the requirements of the degree of Master of Science.

Date

8-2024

Subject

Machine learning; Neural networks (Computer science); Computer security

Keyword

NSL-KDD; Machine Learning; Intrusion Detection; Neural Networks

Document Type

Masters theses

DCMI Type

Text

Extent

xiii, 68 leaves

Language

English

Rights

http://rightsstatements.org/vocab/InC/1.0/

License

http://creativecommons.org/licenses/by-sa/4.0/

Download

Share

COinS