Build machine learning-based network intrusion detection system

Wednesday 27 November, 1:30 pm - 4:40 pm

Speakers

Tarek Mulla

Cloud & Cybersecurity Consultant
Cevo

Synopsis

A Network Intrusion Detection System (NIDS) is network security software that detects malicious activity missed by regular firewalls. A NIDS monitors network traffic and alerts administrators about potential threats, but it cannot stop an attack itself. Challenges such as new threats, varied attacks, and heavy traffic can reduce its effectiveness, sometimes leading to false positive alerts. To address this, Machine Learning (ML) has been integrated into NIDS, significantly improving their accuracy in detecting intrusions.

Various Machine Learning algorithms, including Deep Learning with Artificial Neural Networks, Random Forest, and Support Vector Machines (SVM), have been used to enhance NIDS.

In the workshop, we will use Python and various Machine Learning libraries to develop ML-based Network Intrusion Detection Systems (NIDS) using different algorithms and evaluate their performance.

The dataset that we will use is UNSW-NB15. It was created using the IXIA PerfectStorm tool in the Cyber Range Lab at the Australian Centre for Cyber Security (ACCS), and it features a mix of normal and attack network activities.

Prerequisites

The prerequisites for the workshop primarily involve a Python programming environment and a few essential Python libraries. Please see the list below: 

  • A laptop with VS Code and Python 3.10 or higher installed 
  • Basic knowledge of programming fundamentals 
  • Python libraries: pandas, numpy, sklearn, matplotlib, seaborn, scipy

Acknowledgement of Country

We acknowledge the traditional owners and custodians of country throughout Australia and acknowledge their continuing connection to land, waters and community. We pay our respects to the people, the cultures and the elders past, present and emerging.
