Title: A machine learning based approach for intrusion prevention using honeypot interaction patterns as training data
Authors: Zammit, Daniel
Keywords: Computer networks -- Security measures; Computer security; User interfaces (Computer systems); Web sites
Issue Date: 2016
Abstract: The work conducted in this dissertation revolves around the study of various intrusion detection systems and the techniques they use for detection. Subsequently, a prototype with supervised machine learning capabilities is developed that can be deployed on a network and used by experts to help prevent attacks. The benefit of such an approach is the ability of the system to continue learning with the aid of a supervisor, eliminating the need to continuously update the databases used by traditional intrusion detection systems. A platform containing several honeypots was installed on a virtual machine with unrestricted Internet access. The honeypots were used to collect interaction data generated by attackers. Cowrie, a medium interaction honeypot, was chosen for the prototype. Scripts were written to process this data into a format recognisable by WEKA, an open-source machine learning software. The classification file generated by this tool is uploaded to a web server and used to present the result in a simple and concise manner. The intrusion detection prototype was validated by testing several components of the system. Tests targeted the operation of the platform, the data gathering process, the classification output and the web interface. The interface hosted on the web server provides the user with the real-time status of the platform. The result is a functioning intrusion detection system that relies on machine learning techniques to classify traffic generated from honeypot interactions, with its benefits and limitations.
Description: B.SC.(HONS)BUS.&I.T.
Appears in Collections: Dissertations - FacEma - 2016; Dissertations - FacEMAMAn - 2016

Items in OAR@UM are protected by copyright, with all rights reserved, unless otherwise indicated.