Implement IDS system integrating machine learning for Hai Dang Travel company
C2NE.02
CAPSTONE PROJECT 2
OUR TEAM
Khai, Tran Dinh (Leader)
Vu, Duong The
Hieu, Le Quang
Hoang, Duong Ngoc
Mentor: Assoc. Prof. Nhu, Nguyen Gia
TABLE OF CONTENTS
INTRODUCTION
PROJECT OBJECTIVES
OPERATION DIAGRAM
DATA
CONCLUSION
INTRODUCTION 01
The increase in the number and types of networked devices inevitably leads to a wider attack surface, while the impact of successful attacks is becoming increasingly severe as more critical responsibilities are assumed by these devices.
HAI DANG TRAVEL COMPANY
Overseas tour
Event
Group tour
Upgrade your network, warn and prevent attacks!!!
We came up with a solution to deploy an IDS system with machine learning to detect and prevent attacks.
PROJECT OBJECTIVES 02
The goal of the project is to fulfill the requirements of the customer.
PROJECT OBJECTIVES
Research new approaches to intrusion detection that do not depend on signatures.
Build an Intrusion Detection System.
Build a Machine Learning Model.
Prevent intrusion.
PRODUCT OVERVIEW
that monitors a network or systems for malicious activity or policy violations
Machine learning is the study of computer algorithms that improve automatically through experience. It is seen as a subset of artificial intelligence.
A data set consists of roughly two components. The two components are rows and columns. Additionally, a key feature of a data set is that it is organized so that each row contains one observation.
OPERATION DIAGRAM 03
[Diagram: Hai Dang Travel company local network]
[Diagram: An overview of Logical Network Diagram]
[Diagram: Intrusion Detection System Operation. How does the IDS work?]
[Diagram: Intrusion Detection System Operation. How does the Machine Learning model work?]
DATA PROCESSING 04
Datasets
CSE-CIC-IDS2018 dataset provided by the Canadian Institute for Cybersecurity
Ten days of operation inside
Datasets Overview
[Figure: Number of flows per attack type]
Datasets Problems
Data cleaning and feature engineering
Remove duplicate header rows.
Replace infinity values with the mean.
Drop all null and negative values.
Remove strongly correlated features.
Scale the data.
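
The five cleaning steps above, as an added example in plain Python (not the project team's code). The sample rows are constructed, the column names are the ones shown on the decision-tree slide, and the Pearson threshold of 0.95 and min-max scaling are assumptions, since the slides name neither.

```python
import csv, io, math

# Constructed sample shaped like a concatenated flow CSV: it holds a repeated
# header row, an Infinity rate, a negative duration and a missing value.
SAMPLE = """flow_duration,flow_pkts_s,active_mean,down_up_ratio,label
100,20,10,1,Benign
200,40,20,0,Benign
flow_duration,flow_pkts_s,active_mean,down_up_ratio,label
300,Infinity,30,1,Bot
-5,10,1,0,Benign
400,80,,1,Bot
500,100,50,0,Bot
"""

def pearson(x, y):
    mx, my = sum(x) / len(x), sum(y) / len(y)
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    norm = math.sqrt(sum((a - mx) ** 2 for a in x) * sum((b - my) ** 2 for b in y))
    return cov / norm if norm else 0.0

def clean(text, corr_limit=0.95):  # corr_limit is an assumed threshold
    rows = list(csv.reader(io.StringIO(text)))
    header = rows[0]
    rows = [r for r in rows[1:] if r != header]      # 1. drop repeated header rows
    names, labels = header[:-1], [r[-1] for r in rows]
    cols = [[float(r[i]) if r[i] else math.nan for r in rows]
            for i in range(len(names))]              # blank cell -> NaN (null)
    for c in cols:                                   # 2. infinity -> column mean
        finite = [v for v in c if math.isfinite(v)]
        mean = sum(finite) / len(finite) if finite else 0.0
        c[:] = [mean if math.isinf(v) else v for v in c]
    keep = [j for j in range(len(rows))              # 3. drop null/negative rows
            if all(not math.isnan(c[j]) and c[j] >= 0 for c in cols)]
    cols = [[c[j] for j in keep] for c in cols]
    labels = [labels[j] for j in keep]
    kept = []                                        # 4. drop a feature that is
    for i in range(len(cols)):                       #    strongly correlated with
        if all(abs(pearson(cols[i], cols[k])) < corr_limit for k in kept):
            kept.append(i)                           #    one already kept
    scaled = {}
    for i in kept:                                   # 5. min-max scale (assumed)
        lo, hi = min(cols[i]), max(cols[i])
        scaled[names[i]] = [(v - lo) / (hi - lo) if hi > lo else 0.0
                            for v in cols[i]]
    return scaled, labels

if __name__ == "__main__":
    features, labels = clean(SAMPLE)
    print(list(features), labels)
```
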
[Figure: Remove strong correlation features, before and after]
Machine Learning
Gradient Boosting
Build Decision Tree from data
Columns: down_up_ratio, active_mean, flow_pkts_s, flow_duration, label
PRODUCT DEMO
In this project, we tried our best and finished it. However, there are still some issues that need to be improved in the latest updates. In addition, our project has received a lot of positive contributions from international friends through GitHub.