Repository logo
 

SECURE RULE MATCHING OF SIGNATURES IN DATA TRAFFIC WITH MACHINE LEARNING APPROACHES

Simple item page
dc.contributor.authorNemati, Mohamadamin
dc.contributor.copyright-releaseYesen_US
dc.contributor.degreeMaster of Scienceen_US
dc.contributor.departmentFaculty of Computer Scienceen_US
dc.contributor.ethics-approvalNot Applicableen_US
dc.contributor.external-examinern/aen_US
dc.contributor.graduate-coordinatorDr. Michael McAllisteren_US
dc.contributor.manuscriptsNot Applicableen_US
dc.contributor.thesis-readerDr. Vlado Keseljen_US
dc.contributor.thesis-readerDr. Saurabh Deyen_US
dc.contributor.thesis-supervisorDr. Srinivas (Srini) Sampallien_US
dc.date.accessioned2020-12-16T18:29:27Z
dc.date.available2020-12-16T18:29:27Z
dc.date.defence2020-12-11
dc.date.issued2020-12-16T18:29:27Z
dc.descriptionWith the ever-growing reliance of human beings on the Internet, the need for privacy and security is becoming more and more critical. The concern about the safety of information stored on the Internet can hinder people from using it to its fullest potential. For defending Internet servers from different adversaries and intruders, we have many schemes in place. However, their constant need for reconfiguration to filter new malware varieties can be tedious and costly for companies implementing those schemes. Machine learning (ML) can act as a remedy for this problem. By training classifiers that are not susceptible to small modifications in malware’s codes, we can build network intrusion detection systems (NIDS) that are more robust than their signature-based counterparts.en_US
dc.description.abstractDue to its enormous capabilities, machine learning has been applied to various disciplines since its emergence. Cybersecurity is no exception in this regard. However, the effectiveness of machine learning classifiers comes at a cost. Although these classifiers’ complexity is the reason they are accurate, it is also the reason for their relative slowness. In this thesis, we try to propose a method that can be used to generate a Snort-like signature from a trained classifier. By doing this, we can get a signature (or usually multiple ones) that approximates the classifier and helps us do the filtering more efficiently. Apart from efficiency, this method can help us gain some insight into the inner-workings of the classifier. After deriving the signatures from the classifier, we have to have an environment to evaluate our signatures. This environment should be able to simulate a real-life scenario to make the evaluation as veracious as possible. For this evaluation, we have also proposed multiple methods that can be used for signature evaluation without divulging any confidential information inside the signature. These methods are then compared to see, which is the most suitable in different circumstances.en_US
dc.identifier.urihttp://hdl.handle.net/10222/80113
dc.language.isoenen_US
dc.subjectMachine Learning Interpretabilityen_US
dc.subjectHolomorphic Encryptionen_US
dc.titleSECURE RULE MATCHING OF SIGNATURES IN DATA TRAFFIC WITH MACHINE LEARNING APPROACHESen_US

Files

Original bundle

Now showing 1 - 1 of 1
Thumbnail Image
Name:
Nemati-Mohamadamin-MSc-CSCI-December-2020.pdf
Size:
923.45 KB
Format:
Adobe Portable Document Format
Description:
Master of Computer Science Thesis
Download

License bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.71 KB
Format:
Item-specific license agreed upon to submission
Description:
Download

Collections

Faculty of Graduate Studies Online Theses