ISEP - DM - Engenharia de Sistemas Computacionais Críticos
Browsing ISEP - DM - Engenharia de Sistemas Computacionais Críticos by Subject "Anomaly Detection"
- Integrated monitoring for cyber-security in residential scenarios
  Publication. Carneiro, Mário Miguel Silva de Sá; Ferreira, Luís Miguel Moreira Lino
  The increasing number of Internet of Things devices and the increasing adoption of smart homes have led to an increase in risk related to cybersecurity. The purpose of this dissertation is to examine these limitations and propose innovative solutions for anomaly detection using machine learning (ML) methods. The objectives and motivations for this work, which focuses on improving home network security, are explained in Chapter 1, which also provides a review of smart homes and their connections with cybersecurity issues. In Chapter 2, "State of the Art," the rise of IoT in everyday use and related safety concerns are addressed. In addition, it covers basic concepts like machine learning strategies and the way these interact with intrusion detection systems (IDS). It considers integrating ML with cybersecurity in IoT systems important for mitigating increasing threats. The machine learning techniques selected for this project are presented in Chapter 3, with a focus on creating a reliable anomaly detection pipeline. Comprehensive data pre-processing, including cleaning, merging, normalization, and analysis, ensures the data is suitable for model training. In Chapter 4, training individual and ensemble models will be addressed along with an analysis of performance metrics in scenarios using binary and multi-class classification. Z-Score normalization is one strategy that is frequently used to handle unbalanced datasets. It has been demonstrated to perform better than Min-Max, especially when applied to the UNSW-NB15 dataset. The implementation of APIs using Streamlit for real-time visualisation and FastAPI for backend integration with ML models will be discussed in Chapter 5. This combination makes it possible to anticipate cyberattacks and visually represent anomalies in an effective way.
  The testbed built to automate cyberattacks and extract important features for model training will be discussed in detail in Chapter 6. The results of the evaluations, which compare the performance of the individual models and the ensemble, are presented in Chapter 7. The ensemble performed better than expected, especially when it came to identifying anomalies in multi-class environments. It achieved this with high accuracy and a significant reduction in false positives and negatives. Chapter 8 ends with an overview of the project’s conclusions and contributions. The main findings emphasize the significance of selecting normalization strategies and the advantages of using ensemble models to improve attack detection.