Title: BOTNET TRAFFIC ANALYSIS USING MACHINE LEARNING
Author(s): GABRIEL MANHAES DE SOUZA
Contributor(s): HELIO CORTES VIEIRA LOPES - Advisor; ANDERSON OLIVEIRA DA SILVA - Co-advisor
Cataloged: 18/SEP/2023
Language(s): PORTUGUESE - BRAZIL
Type: TEXT
Subtype: SENIOR PROJECT
Notes: All data contained in the documents are the sole responsibility of the authors. The data used in the descriptions of the documents are in conformity with the systems of the administration of PUC-Rio.
Reference(s):
[pt] https://www.maxwell.vrac.puc-rio.br/projetosEspeciais/TFCs/consultas/conteudo.php?strSecao=resultado&nrSeq=63981@1
[en] https://www.maxwell.vrac.puc-rio.br/projetosEspeciais/TFCs/consultas/conteudo.php?strSecao=resultado&nrSeq=63981@2
DOI: https://doi.org/10.17771/PUCRio.acad.63981
Abstract:
The objective of this study is to produce a satisfactory botnet traffic detection
model, using pre-processing, feature engineering and optimization techniques
tailored to the CTU-13 dataset, which contains real samples of malware-related
traffic in addition to normal and background traffic. The methodology, in short,
was: removal of invalid data through simple imputation; encoding; grouping by
5-second windows, source address and label; evaluation of prediction results. For
the final evaluation, the following models were used: Autoencoder, Stacked
Autoencoders, Variational Autoencoder, Random Forest and KNN. All models
showed good metrics, and the best results came from Random Forest, with an
F1-score of 0.96.