Integrated monitoring for cyber-security in residential scenarios

Bibliographic Details
Main Author: Carneiro, Mário Miguel Silva de Sá
Publication Date: 2024
Format: Master thesis
Language: eng
Source: Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
Download full: http://hdl.handle.net/10400.22/26320
Summary: The increasing number of Internet of Things devices and the increasing adoption of smart homes have led to an increase in risk related to cybersecurity. The purpose of this dissertation is to examine these limitations and propose innovative solutions for anomaly detection using machine learning (ML) methods. The objectives and motivations for this work, which focuses on improving home network security, are explained in Chapter 1, which also provides a review of smart homes and their connections with cybersecurity issues. In Chapter 2, "State of the Art," the rise of IoT in everyday use and related safety concerns are addressed. In addition, it covers basic concepts like machine learning strategies and the way these interact with intrusion detection systems (IDS). In order to mitigate increasing threats, it considers that integrating ML with cybersecurity in IoT systems is important. The machine learning techniques selected for this project are presented in Chapter 3, with a focus on creating a reliable anomaly detection pipeline. Comprehensive data pre-processing, including cleaning, merging, normalization, and analysis, ensures the data is suitable for model training. In Chapter 4, training individual and ensemble models will be addressed along with an analysis of performance metrics in scenarios using binary and multi-class classification. Z-Score normalization is one strategy that is frequently used to handle unbalanced datasets. It has been demonstrated to perform better than Min-Max, especially when applied to the UNSW-NB15 dataset. The implementation of APIs using Streamlit for real-time visualisation and FastAPI for backend integration with ML models will be discussed in Chapter 5. This combination enables the ability to anticipate cyberattacks and visually represent anomalies in an effective way. The testbed built to automate cyberattacks and extract important features for model training will be discussed in detail in Chapter 6.
The results of the evaluations, which compare the performance of the individual models and the ensemble, are presented in Chapter 7. The ensemble performed better than expected, especially when it came to identifying anomalies in multi-class environments. It achieved this with high accuracy and a significant reduction in false positives and negatives. Chapter 8 ends with an overview of the project’s conclusions and contributions. The main findings emphasize the significance of selecting normalization strategies and the advantages of using ensemble models to improve attack detection.
id RCAP_1a565018d68c7509c192c6aeedf53cf4
oai_identifier_str oai:recipp.ipp.pt:10400.22/26320
network_acronym_str RCAP
network_name_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository_id_str https://opendoar.ac.uk/repository/7160
dc.title.none.fl_str_mv Integrated monitoring for cyber-security in residential scenarios
Monitorização integrada para cibersegurança em cenários residênciais
author Carneiro, Mário Miguel Silva de Sá
author_facet Carneiro, Mário Miguel Silva de Sá
author_role author
dc.contributor.none.fl_str_mv Ferreira, Luís Miguel Moreira Lino
REPOSITÓRIO P.PORTO
dc.contributor.author.fl_str_mv Carneiro, Mário Miguel Silva de Sá
dc.subject.por.fl_str_mv IoT Security
Anomaly Detection
Cybersecurity
Machine Learning
Ensemble Models
Intrusion Detection Systems (IDS)
API Integration
publishDate 2024
dc.date.none.fl_str_mv 2024-10-31T15:38:58Z
2024-10-11
2024-10-11T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10400.22/26320
urn:tid:203713702
url http://hdl.handle.net/10400.22/26320
identifier_str_mv urn:tid:203713702
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron:RCAAP
instname_str FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron_str RCAAP
institution RCAAP
reponame_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
collection Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository.name.fl_str_mv Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
repository.mail.fl_str_mv info@rcaap.pt
_version_ 1833600770774138880