Browsing by Author "Klados, Stylianos"
Item: An implementation of a decision support system aiding in network monitoring.
(Hellenic Mediterranean University (ΕΛ.ΜΕ.ΠΑ.), School of Engineering (ΣΜΗΧ), Department of Electrical and Computer Engineering, 2023-10-06) Klados, Stylianos; Κλάδος, Στυλιανός

The growing dependence on cyberspace, which has increased over the last decade, and the rapid advancement in automated cyber-attacks require every Information Technology expert, such as network administrators, to be able to detect every cyber-incident and mitigate it at the earliest opportunity. For this to be possible, these circumstances demand the development of frameworks that can assist with such incidents. Lately, the development of such frameworks has tended to be based on "Situational Awareness". Supported by concepts of this theory, our research involves collecting information from heterogeneous sensors, which provide further assistance to network administrators so that they can have a comprehensive overview of what is happening across a network. This thesis elaborates upon the design and development of a neural network that detects malicious traffic and is trained on an enhanced dataset, which includes not only network-related data but also data obtained from a vulnerability assessment tool. This thesis aims to prove that a neural network with multiple heterogeneous data inputs provides more accurate prediction rates than a neural network which is solely trained on one type of data, in this case, network traffic data.
The results of our experiment show that a neural network trained with multiple heterogeneous data inputs has an increase in accuracy of almost 2% in comparison with a neural network which is trained with normal network traffic data.

Item: Towards a situational awareness-oriented network intrusion detection system
(Hellenic Mediterranean University (ΕΛΜΕΠΑ), School of Engineering (ΣΜΗΧ), MSc Programme in Informatics Engineering, 2025-02-26) Klados, Stylianos; Κλάδος, Στυλιανός; Markakis, Evangelos; Μαρκάκης, Ευάγγελος

In recent years, cyber-attacks have rapidly increased and become more and more sophisticated. As a result, the detection of malicious activity in cyberspace has become a complex task. Machine learning (ML)-based Network Intrusion Detection Systems (NIDS) are one of the most promising areas of study that can aid in discovering and assessing malicious activities. Such systems utilize specially created datasets to train their ML algorithms and eventually predict whether an attack is occurring or not. Most ML-based NIDSs are trained on network-only data; therefore system or firewall logs, which may give critical cybersecurity incident information, are seldom used. To the best of our knowledge, a dataset that fuses such heterogeneous data for ML-based NIDS applications has not yet been proposed. This thesis proposes a heterogeneous dataset that consists of three different types of data, namely: network traffic data, information stemming from a vulnerability assessment tool, and system logs. The network part of the dataset comprises NetFlow network protocol data [1]. Regarding the vulnerability part, an extra feature has been added to the dataset indicating the existence or not of any system vulnerability. Moreover, the system logs that have been added to the dataset were interpreted into numerical scores through sentiment analysis using Natural Language Processing (NLP). The aforementioned different types of data were time-correlated and fused into a single heterogeneous dataset.
The proposed dataset was used to train six (6) ML algorithms, and the prediction results from this procedure were used to evaluate it as a training dataset. KDD'99 and CCD-IDSv1 were also utilized to train the same ML algorithms, and their prediction results were compared to those of the proposed dataset. Finally, the findings showed that the ML models trained with the suggested heterogeneous dataset had higher post-training accuracy predictions.