Yazar "Demir, Halit Canap" seçeneğine göre listele

Listeleniyor 1 - 1 / 1
  • Küçük Resim
    Öğe
    Real-time machine learning anomaly detection in computer networks
    (Türk-Alman Üniversitesi Fen Bilimler Enstitüsü, 2024) Demir, Halit Canap
    In the rapidly evolving digital world, the need for advanced security measures to protect our data has steadily increased. The growing cyber threats have made it essential to develop sophisticated Intrusion Detection Systems (IDS) that can adapt to modern network environments. In this thesis, to address this need, a system that detects malicious traffic by analyzing network traffic flows using deep learning methods is proposed. Various datasets that could be used for system development were examined, and the CICIDS2017 dataset, which stands out in terms of relevance and scope, was chosen. The CICIDS2017 dataset contains a total of 15 classes, one representing normal network traffic and the others representing different types of attacks. Training the deep learning model with a consistent and balanced dataset directly impacts system performance. Therefore, pre-processing steps such as removing missing or redundant data, eliminating irrelevant features, and balancing the number of examples in different classes were performed. Dense Neural Networks (DNN) and Random Forest (RF), methods commonly used in similar studies, were selected for the proposed model. The models developed could detect network traffic involving different types of attacks with an average accuracy of 98.5%. The main goal of this study is to detect attacks on the network. Accordingly, a version of the dataset consisting of two classes—normal network traffic and attack traffic—was created. Using this dataset, another system was developed that could detect malicious traffic with 98.8% accuracy. The systems developed in this thesis aim to detect attacks in real-time within a network. Therefore, after optimizing performance through experiments with different parameters, the models were tested in a real network environment using the NVIDIA Jetson AGX Orin embedded system. For the sustainability of the developed system, training with current network traffic and attacks is also essential. In this regard, the training of the models on the embedded system was analyzed in terms of time and performance.