| dc.contributor.author | Nemati, Mohamadamin | |
| dc.date.accessioned | 2020-12-16T18:29:27Z | |
| dc.date.available | 2020-12-16T18:29:27Z | |
| dc.date.issued | 2020-12-16T18:29:27Z | |
| dc.identifier.uri | http://hdl.handle.net/10222/80113 | |
| dc.description | With the ever-growing reliance of human beings on the Internet, the need for privacy and security is becoming more and more critical. The concern about the safety of information stored on the Internet can hinder people from using it to its fullest potential. For defending Internet servers from different adversaries and intruders, we have many schemes in place. However, their constant need for reconfiguration to filter new malware varieties can be tedious and costly for companies implementing those schemes. Machine learning (ML) can act as a remedy for this problem. By training classifiers that are not susceptible to small modifications in malware’s codes, we can build network intrusion detection systems (NIDS) that are more robust than their signature-based counterparts. | en_US |
| dc.description.abstract | Due to its enormous capabilities, machine learning has been applied to various disciplines since its emergence. Cybersecurity is no exception in this regard. However, the effectiveness of machine learning classifiers comes at a cost.
Although these classifiers’ complexity is the reason they are accurate, it is also the reason for their relative slowness. In this thesis, we try to propose a method that can be used to generate a Snort-like signature from a trained classifier. By doing this, we can get a signature (or usually multiple ones) that approximates the classifier and helps us do the filtering more efficiently. Apart from efficiency, this method can help us gain some insight into the inner-workings of the classifier.
After deriving the signatures from the classifier, we have to have an environment to evaluate our signatures. This environment should be able to simulate a real-life scenario to make the evaluation as veracious as possible.
For this evaluation, we have also proposed multiple methods that can be used for signature evaluation without divulging any confidential information inside the signature. These methods are then compared to see, which is the most suitable in different circumstances. | en_US |
| dc.language.iso | en | en_US |
| dc.subject | Machine Learning Interpretability | en_US |
| dc.subject | Holomorphic Encryption | en_US |
| dc.title | SECURE RULE MATCHING OF SIGNATURES IN DATA TRAFFIC WITH MACHINE LEARNING APPROACHES | en_US |
| dc.date.defence | 2020-12-11 | |
| dc.contributor.department | Faculty of Computer Science | en_US |
| dc.contributor.degree | Master of Science | en_US |
| dc.contributor.external-examiner | n/a | en_US |
| dc.contributor.graduate-coordinator | Dr. Michael McAllister | en_US |
| dc.contributor.thesis-reader | Dr. Vlado Keselj | en_US |
| dc.contributor.thesis-reader | Dr. Saurabh Dey | en_US |
| dc.contributor.thesis-supervisor | Dr. Srinivas (Srini) Sampalli | en_US |
| dc.contributor.ethics-approval | Not Applicable | en_US |
| dc.contributor.manuscripts | Not Applicable | en_US |
| dc.contributor.copyright-release | Yes | en_US |
