fbpx Defense of a Master’s Thesis by Ni’ma Khalil in the Cyber Security Program | ARAB AMERICAN UNIVERSITY

51Թ

Contact information for Technical Support and Student Assistance ... Click here

Defense of a Master’s Thesis by Ni’ma Khalil in the Cyber Security Program

Wednesday, April 3, 2024

Researcher Ni’ma Mohammad Khalil, a student in the Master’s Program in Cyber Security, has defended her thesis titled "Intrusion Detection System for Cloud Environment Using Machine Learning".

The researcher created different types of denial-of-service attacks and applied modified algorithms to the data after calculating statistical features based on time difference between payloads passing through the encrypted channel, and tested multiple types of traditional and deep learning algorithms. This is to examine their efficiency in distinguishing four types of attacks and improve detection accuracy. Inter arrival time was calculated, which is the time difference between each two successive loads. Then, all eight loads were collected in one channel and the statistical features for each channel were calculated: Min, max, standard deviation, mean, median, entropy, and based on the statistical features, they were calculated. A label was made for each channel to collect these types in one CSV file to be processed mathematically and apply deep learning algorithms and traditional algorithms.

The experimental results confirmed that the RNN_SMOTE algorithm has proven its efficiency in detecting different types of attacks at high rates. This algorithm consists of one input layer, three hidden layers, and one output layer. The model achieved an accuracy rate of 86.25% in detecting the four types and did not face any difficulty in detecting a Smurf attack, while most models faced a problem in detecting this attack. This is due to the fact that their number was very small in the database, and despite the SMOTE application, which works to copy a number of observations of the small type to be equated with the second type; some algorithms were not able to discover them efficiently. When the Confusion Matrix was applied to some algorithms, the Smurf attack was mostly classified as TCP. Also, applying the Random Forest model had high accuracy rates, in addition to using Grid Search with some algorithms to improve the detection accuracy by identifying the best indicators.

The thesis was supervised by Dr. Firas Murrar. The committee of examiners included Dr. Akram Hamdan and Dr. Majeed Mansour.