Optimization of intrusion detection systems based on machine learning for cybersecurity by boosting feature engineering and model selection techniques

• Autores: Xavier Larriva Novo
• Directores de la Tesis: Victor Abraham Villagrá González (dir. tes.), Mario Vega Barbas (codir. tes.)
• Lectura: En la Universidad Politécnica de Madrid ( España ) en 2022
• Idioma: español
• Programa de doctorado: Programa de Doctorado en Ingeniería de Sistemas Telemáticos por la Universidad Politécnica de Madrid
• Materias:
  • Matemáticas
    • Ciencia de los ordenadores
      • Informática
  • Ciencias tecnológicas
    • Tecnología de las telecomunicaciones
• Texto completo no disponible (Saber más ...)
• Resumen

  • This PhD Thesis Works was developed in the context of intrusion detection systems based on Machine Learning techniques and contribute to the performance of intrusion detection systems based on feature engineering and Machine Learning model optimization. Machine Learning is in a fortunate position that makes systematic experimentation easy and profitable. In this way, the development of new systems such as intrusion detection systems based on Machine Learning has proven their effectiveness in terms of accuracy and reduced the number of false alarms. However, these systems are constantly evolving and need further research to become even more efficient and accurate. Intrusion detection systems based on Machine Learning are able to extrapolate data and detect anomalies. Nevertheless, these systems need optimal features to detect the possibility of an attack.

    The main objective of this PhD Thesis work is to design, implement and validate an intrusion detection system capable of reliably detecting cyber attacks. This system will respond to potential attacks by considering the optimization of different phases of a Machine Learning model, such as feature selection, data preprocessing, and model selection. This system will process information quickly and efficiently, considering the current state of the art in the area.

    In this PhD thesis work, an intrusion detection system has been designed based on feed-forward neural network and recurrent neural networks. Also, a characterization of cybersecurity datasets based on these models has been developed. The result is a model that allows a characterization to be applied to different network scenarios for cybersecurity anomaly detection.

    Based on this model, a distributed preprocessing model for intrusion detection systems based on Machine Learning was developed for real cybersecurity datasets with current attacks. The result was an intrusion detection system capable of processing real-world, large-scale cybersecurity datasets with high accuracy. In addition, this PhD Thesis proposes the development of a dynamic model selector capable of making the best prediction for individual Machine Learning-based intrusion detection systems, thus increasing the overall accuracy in terms of detection rate for different types of attacks. Finally, all contributions were evaluated against related state-of-the-art studies and are presented through this document as a compendium of articles for this PhD Thesis work.