Implementing AI-driven methodologies for cyberattack detection
View/
Keywords
Machine learning ; Artificial intelligence ; Cybersecurity ; Cyberattack detection ; Code injectionAbstract
The wide expansion of digital technologies and web applications has made daily activities easier and more amusing; however, it has led to the creation of new cybercriminal actions as well as the development of sophisticated cyberattacks. This new paradigm has made traditional defense solutions incapable of tackling the growth of cyberattacks and thus new defenses has appeared that exploit the efficacy of Artificial Intelligence systems.
Even though Machine Learning has often been used to detect and mitigate cyberattacks, the literature has several gaps and limitations that either render the current solutions unreliable or difficult to be deployed in real-life. Towards this direction and in order to address the limitations of existing works, this thesis has studied the security of Artificial Intelligence systems, surveying the current defense solutions against Adversarial Machine Learning attacks and has created a taxonomy of the identified defense solutions to facilitate researchers propose new robust defenses in the future. After identifying that Artificial Intelligence systems can be protected, this thesis focused on designing and developing Machine Learning defense methodologies against two well-known cyberattacks, known as phishing and exploit kits. The experimental results showed that the proposed methodologies, overall, improved the detection performance of phishing and exploit kit attacks, concluding that Machine Learning can be a useful weapon to stop the on-going threat of cyberattacks.
Furthermore, this thesis also studies a newly introduced code injection attack, named Server-side JavaScript Injection and proposed a methodology that has been created also as a software tool that automatically detects and exploits Server-side JavaScript Injection vulnerabilities.
Finally, this thesis has identified several directions for future research that hopefully will facilitate researchers in the future to create robust defense solutions and effectively tackle sophisticated cyberattacks.
Department
Σχολή Τεχνολογιών Πληροφορικής και Επικοινωνιών. Τμήμα Ψηφιακών ΣυστημάτωνNumber of pages
131Language
EnglishCollections
Except where otherwise noted, this item's license is described as
Αναφορά Δημιουργού-Μη Εμπορική Χρήση-Όχι Παράγωγα Έργα 3.0 Ελλάδα
Αναφορά Δημιουργού-Μη Εμπορική Χρήση-Όχι Παράγωγα Έργα 3.0 Ελλάδα