anomaly-based malware detection

A N O M A LY- B A S E D M A LWA R E D E T E C T I O N

W H AT I S A N I D S ?

A N I D S WO R K S A L O N G S I D E F I R E WA L L S

https://latesthackingnews.com/wp-content/uploads/2017/09/IDS.png

https://miro.medium.com/max/2450/1*XOmaFChbyICBDaC8GwIHsg.png

W H Y A N O M A LY- B A S E D I D S ?

I M P ROV I N G A N O M A LY – B A S E D I D S

D E T E C T I O N W I T H M AC H I N E L E A R N I N G

M Y C A P S TO N EP RO J E C T

T H E DATA S E T

DATA P R E PA R AT I O N

Normal Vs Anomaly

O R I G I N A L M U LT I C L A S S L A B E L

TO B I N A RY & DATA B A L A N C E

Balancing data maximizes accuracy.

Used Down-sampling method.

Before Down-Sampling:

0 10317691

1 1339841

After Down-Sampling

1 1339841

0 1339841

M L L E A R N I N G E N V I RO N M E N T: AW S S AG E M A K E R

L E A R N I N G P RO C E S S

1.

2.

3.

4.

5.

6.

7.

A L G O R I T H M S U S E D

R E S U L T S

F 1 - S C O R E

R E S U L T S ( C N T ’ D … )

C O N C L U S I O N

C O D E , B E S T M O D E L F I L E , & J U P Y T E R

N OT E B O O K S :

(Including this presentation)