Bibliographic details
Year of defense: 2023
Main author: Lucas, Thiago José
Advisor: Not provided by the institution
Examination committee: Not provided by the institution
Document type: Thesis
Access type: Open access
Language: eng
Degree-granting institution: Universidade Estadual Paulista (Unesp)
Graduate program: Not provided by the institution
Department: Not provided by the institution
Country: Not provided by the institution
Keywords in Portuguese:
Access link: http://hdl.handle.net/11449/243763
Abstract:
Maintaining Confidentiality, Integrity, and Availability requirements is a very relevant challenge for companies, governments, and corporations concerning the security of their information. Attacks on computer networks and systems have been intensifying recently, becoming more recurrent and sophisticated. Intrusion Detection Systems (IDS) are responsible for analyzing network traffic or operating systems' behavior to detect anomalous behavior and block attacks. Traditional IDS, however, have difficulty detecting more complex attack patterns, as their detection methods (by anomaly or by signature) are old and modern attacks are robust and heterogeneous. In this sense, the area of artificial intelligence, with emphasis on the field of machine learning, delivers classification algorithms capable of recognizing complex patterns, thus allowing the construction of intelligent IDS that make fewer mistakes. The field of machine learning also manages to unite different classifiers (ensemble learning) focused on solving the same problem, increasing performance concerning classification successes, but with a common problem: the high computational cost. This doctoral thesis is organized as a "compilation of articles" and presents a way to estimate the best classifiers to compose an ensemble based on the diversity between them. This choice allowed finding a more acceptable and less costly way to create an IDS based on ensemble learning that could decrease classification errors while reducing the computational cost. The materials and methods chosen were based on the state-of-the-art for the area obtained by a comprehensive systematic review of the literature, and the experiments were carried out on the five most relevant intrusion datasets, using the ensemble "stacking" method and the four supervised classifiers most common to the area.
The results obtained are organized in the articles of this compilation and demonstrate that pruning for diversity solves the problem stipulated in this thesis: reduction of computational cost and increase of attacks classification hits.