Study of data mining and machine learning techniques for use in intrusion detection systems
Master Thesis
Author
Καραγιάννης, Ευάγγελος
Date
2017
Abstract
In recent years there has been an upsurge in the number of attacks on the internet. In addition, attacks are now better organised and manage to penetrate the traditional protection mechanisms of an information system. Highly trained professionals are behind these attacks. Their main motive is profit, since cybercrime has evolved into a profitable business, which means that attacks will evolve continuously and cyber criminals will constantly develop new attacks to penetrate information protection shields. This has raised many concerns among people, companies and the scientific community, which is concerned with finding new methods and developing new systems that will be effective and provide a high level of safety. Particular attention is paid to Intrusion Detection Systems (IDS), which are one of the most important defense shields because they are the ones that have to detect threats at the time they occur, that is, in real time. Intrusion detection systems are among the most critical parts of the overall protection mechanism because they are at the forefront of defense. Although such a critical element of the whole infrastructure, intrusion detection systems use fairly old detection technologies and are mainly based on signature-based detection, a method that is obsolete and no longer effective for detecting zero-day intrusions, which are the number one threat to an information system. To increase the effectiveness of these systems, scientific research has focused on new methods and techniques used in the fields of data mining, machine learning and anomaly detection. This is because modern intrusion detection systems now have to be able to handle and analyse large volumes of data in order to detect intrusions, without continuous feedback and customization by the user. In general, systems should be able to understand and act on their own in most cases, while the user should only be involved in critical decisions or actions.
In this dissertation we study and report some basic elements and methods of all the above-mentioned areas. Special attention is paid to unsupervised learning techniques and, more specifically, to subspace clustering.