anomaly-based malware detection
TRANSCRIPT
ANOMALY-BASED MALWARE DETECTION
WHAT IS AN IDS?
AN IDS WORKS ALONGSIDE FIREWALLS
https://latesthackingnews.com/wp-content/uploads/2017/09/IDS.png
https://miro.medium.com/max/2450/1*XOmaFChbyICBDaC8GwIHsg.png
WHY ANOMALY-BASED IDS?
IMPROVING ANOMALY-BASED IDS DETECTION WITH MACHINE LEARNING
MY CAPSTONE PROJECT
THE DATASET
DATA PREPARATION
Normal Vs Anomaly
ORIGINAL MULTICLASS LABEL TO BINARY & DATA BALANCE
Balancing data maximizes accuracy.
Used Down-sampling method.
Before Down-Sampling:
0 10317691
1 1339841
After Down-Sampling:
1 1339841
0 1339841
ML LEARNING ENVIRONMENT: AWS SAGEMAKER
LEARNING PROCESS
1.
2.
3.
4.
5.
6.
7.
ALGORITHMS USED
RESULTS
F1-SCORE
RESULTS (CONT'D…)
CONCLUSION
CODE, BEST MODEL FILE, & JUPYTER NOTEBOOKS:
(Including this presentation)