Saldırı Tespiti için Takviyeli Öğrenme

Thumbnail Image

Files

679007 Reinforcement learning for intrusion detection.pdf (1.86 MB)

Date

2021

Authors

Journal Title

Journal ISSN

Volume Title

Publisher

Open Access Color

OpenAIRE Downloads

OpenAIRE Views

Research Projects

Organizational Units

Thumbnail Image
Organizational Unit
Software Engineering
(2005)
Department of Software Engineering was founded in 2005 as the first department in Ankara in Software Engineering. The recent developments in current technologies such as Artificial Intelligence, Machine Learning, Big Data, and Blockchains, have placed Software Engineering among the top professions of today, and the future. The academic and research activities in the department are pursued with qualified faculty at Undergraduate, Graduate and Doctorate Degree levels. Our University is one of the two universities offering a Doctorate-level program in this field. In addition to focusing on the basic phases of software (analysis, design, development, testing) and relevant methodologies in detail, our department offers education in various areas of expertise, such as Object-oriented Analysis and Design, Human-Computer Interaction, Software Quality Assurance, Software Requirement Engineering, Software Design and Architecture, Software Project Management, Software Testing and Model-Driven Software Development. The curriculum of our Department is catered to graduate individuals who are prepared to take part in any phase of software development of large-scale software in line with the requirements of the software sector. Department of Software Engineering is accredited by MÜDEK (Association for Evaluation and Accreditation of Engineering Programs) until September 30th, 2021, and has been granted the EUR-ACE label that is valid in Europe. This label provides our graduates with a vital head-start to be admitted to graduate-level programs, and into working environments in European Union countries. The Big Data and Cloud Computing Laboratory, as well as MobiLab where mobile applications are developed, SimLAB, the simulation laboratory for Medical Computing, and software education laboratories of the department are equipped with various software tools and hardware to enable our students to use state-of-the-art software technologies. Our graduates are employed in software and R&D companies (Technoparks), national/international institutions developing or utilizing software technologies (such as banks, healthcare institutions, the Information Technologies departments of private and public institutions, telecommunication companies, TÜİK, SPK, BDDK, EPDK, RK, or universities), and research institutions such TÜBİTAK.

Journal Issue

Events

Abstract

Bulut bilişim, web servisleri ve Nesnelerin İnterneti sistemleri gibi ağ tabanlı teknolojiler, esneklikleri ve üstünlükleri nedeniyle yaygın olarak kullanılmaktadır. Öte yandan, ağ tabanlı teknolojilerin katlanarak büyümesi, ağ güvenliği sorunlarının büyüklüğünü artırmaktadır. İzinsiz giriş, ağ tabanlı teknolojilerin güvenliğinin önemli bir parçasıdır. Sağlam bir saldırı tespit sistemi uygulamak, izinsiz giriş sorununu çözmek ve ağ tabanlı teknolojilerin ve hizmetlerin güvenli bir şekilde sunulmasını sağlamak için çok önemlidir. Bu tezde, izinsiz girişleri tespit etmek ve ağ uygulamalarını daha güvenli, güvenilir ve verimli hale getirmek için pekiştirmeli öğrenmeyi kullanan yeni bir yaklaşım öneriyoruz. Takviye öğrenme yaklaşımı olarak, ağ trafiği saldırılarını taklit eden ve öğrenme sürecine rehberlik eden, özel olarak uyarlanmış bir Gym ortamının yanında kullanılan derin Q-öğrenme kullanılmaktadır. Uzun-Kısa Süreli Bellek kullanan denetimli bir derin öğrenme çözümü, karşılaştırma için temel yaklaşım alarak uygulanmıştır. NSL-KDD veri kümesi, takviye öğrenme ortamını oluşturmak için kullanılmakta olup temel modeli eğitmek ve değerlendirmek için de kullanılır. Önerilen pekiştirmeli öğrenme yaklaşımının performans sonuçları, temel modele ve literatürdeki diğer çözümlere göre büyük bir üstünlük göstermektedir.
Network-based technologies such as cloud computing, web services, and Internet of Things systems are becoming widely used due to their flexibility and preeminence. On the other hand, the exponential proliferation of network-based technologies exacerbated network security concerns. Intrusion takes an important share in the security concerns surrounding network-based technologies. Developing a robust intrusion detection system is crucial to solve the intrusion problem and ensure the secure delivery of network-based technologies and services. In this thesis, a novel approach was proposed using deep reinforcement learning to detect intrusions to make network applications more secure, reliable, and efficient. As for the reinforcement learning approach, Deep Q-Learning is used alongside a custom-built Gym environment that mimics network attacks and guides the learning process. A supervised deep learning solution using a Long-Short Term Memory architecture is implemented to serve as a baseline. The NSL-KDD dataset is used to create the reinforcement learning environment and to train and evaluate the baseline model. The performance results of the proposed reinforcement learning approach show great superiority over the baseline model and the other relevant solutions from the literature.

Description

Keywords

Bilgisayar Mühendisliği Bilimleri-Bilgisayar ve Kontrol, Computer Engineering and Computer Science and Control

Turkish CoHE Thesis Center URL

Fields of Science

Citation

WoS Q

Scopus Q

Source

Volume

Issue

Start Page

0

End Page

76

URI

https://hdl.handle.net/20.500.14411/4717

Collections

Master Tezler / Master Thesis