
Research Proposal on Network IDS via Data Analytics

NIDS via Data Analytics – [Hint]

 

 


 

 

  • The input network transaction includes several
  • These features can be used to classify network transactions into normal or
  • Just as we did in Spam Filtering to classify emails into spam or non-spam, you can build an IDS following the same approach.
  • This means that your IDS model is just a classifier that can be trained via a suitable
  • As part of your research investigation, try to find suitable datasets for IDS

 

Examples of some Attacks (Intrusions)

 

 

 

Feature Type
duration: continuous.
protocol_type: symbolic.
service: symbolic.
flag: symbolic.
src_bytes: continuous.
dst_bytes: continuous.
land: symbolic.
wrong_fragment: continuous.
urgent: continuous.
hot: continuous.
num_failed_logins: continuous.
logged_in: symbolic.
num_compromised: continuous.
root_shell: continuous.
su_attempted: continuous.
num_root: continuous.
num_file_creations: continuous.
num_shells: continuous.
num_access_files: continuous.
num_outbound_cmds: continuous.

 

 

Example of Transaction Features

 

Cont.

 

 

 

is_host_login: symbolic.
is_guest_login: symbolic.
count: continuous.
srv_count: continuous.
serror_rate: continuous.
srv_serror_rate: continuous.
rerror_rate: continuous.
srv_rerror_rate: continuous.
same_srv_rate: continuous.
diff_srv_rate: continuous.
srv_diff_host_rate: continuous.
dst_host_count: continuous.
dst_host_srv_count: continuous.
dst_host_same_srv_rate: continuous.
dst_host_diff_srv_rate: continuous.
dst_host_same_src_port_rate: continuous.
dst_host_srv_diff_host_rate: continuous.
dst_host_serror_rate: continuous.
dst_host_srv_serror_rate: continuous.
dst_host_rerror_rate: continuous.
dst_host_srv_rerror_rate: continuous.

 

Label class

 

  • Depending on the dataset used, your problem can be modeled as binary-class or multiclass classification problem.
Multi-class

Attack
back
buffer_overflow
ftp_write
guess_passwd
imap
ipsweep
land
loadmodule
multihop
neptune
nmap
normal
perl
phf
pod
portsweep
rootkit
satan
smurf
spy
teardrop
warezclient
warezmaster

Binary-class

Class
normal
intrusion
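
The hint above, worked through as an added example (not part of the original assignment material): records using a subset of the listed features are encoded by type (symbolic as one-hot, continuous as log-scaled) and classified either with the multi-class attack labels or collapsed to normal/intrusion. The sample records are constructed, the function names are hypothetical, and the 1-nearest-neighbour learner is an assumption chosen for brevity; any suitable classifier could take its place.

```python
import math

# Subset of the page's feature list, in record order: (name, type).
SCHEMA = [("duration", "continuous"), ("protocol_type", "symbolic"),
          ("flag", "symbolic"), ("src_bytes", "continuous"),
          ("count", "continuous"), ("serror_rate", "continuous")]

# Constructed sample records (not taken from any real dataset); last field is the label.
TRAIN = [
    (0, "tcp", "SF", 215, 1, 0.0, "normal"),
    (2, "tcp", "SF", 334, 2, 0.0, "normal"),
    (0, "udp", "SF", 105, 3, 0.0, "normal"),
    (0, "tcp", "S0", 0, 250, 1.0, "neptune"),
    (0, "tcp", "S0", 0, 180, 1.0, "neptune"),
    (0, "icmp", "SF", 1032, 511, 0.0, "smurf"),
    (0, "icmp", "SF", 1032, 480, 0.0, "smurf"),
]

def to_binary(label):
    """Collapse the multi-class attack label into normal / intrusion."""
    return "normal" if label == "normal" else "intrusion"

def fit_encoder(rows):
    """Per feature: sorted vocabulary (symbolic) or scaling maximum (continuous)."""
    enc = []
    for i, (_, kind) in enumerate(SCHEMA):
        col = [r[i] for r in rows]
        enc.append(sorted(set(col)) if kind == "symbolic" else max(max(col), 1))
    return enc

def encode(row, enc):
    """Turn one record into a numeric vector; a trailing label is ignored."""
    vec = []
    for value, e in zip(row, enc):
        if isinstance(e, list):   # symbolic: one-hot, unseen value -> all zeros
            vec += [1.0 if value == v else 0.0 for v in e]
        else:                     # continuous: log-scale to roughly [0, 1]
            vec.append(math.log1p(value) / math.log1p(e))
    return vec

def train(rows, binary=True):
    """Return (encoder, labelled vectors); binary=False keeps attack names."""
    enc = fit_encoder(rows)
    return enc, [(encode(r, enc), to_binary(r[-1]) if binary else r[-1])
                 for r in rows]

def predict(model, row):
    """1-nearest-neighbour: label of the closest training vector."""
    enc, examples = model
    x = encode(row, enc)
    return min(examples, key=lambda ex: math.dist(x, ex[0]))[1]
```
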

 

 

 

•    Write (TYPED) a research proposal (1000+ words) on Intrusion Detection Systems (IDSs) using data analytics.

•    Your proposal should include the following sections:

  • Title page
  • Introduction [about 1 page]
  • Literature review (each student in the group describes one paper) [0.5 page for each paper]
  • Research Methods and Resources [about 75 page]
  • Conclusion [0.5 page]
  • Contributions
  • References

 

 

 

 

•    Format required for your report

  • Font type: Times New Roman
  • Font size: 12pt
  • Line spacing: 5-spaced
  • Submission file format: PDF
  • Microsoft Word Page layout: Letter (8.5’’ x 11’’)
  • That’s approximately 5 pages (excluding figures, tables or references)

 

Page Layout

Choose the “Letter” page layout

 

 

 

 

  • Title page [excluded from word count]
    • Title of your proposal
    • Group name
    • Group members (Name, ID and Major)
    • Date

 

 

  • Introduction
    • Try to interest the reader in the topic
    • Define the problem you are trying to solve (what is intrusion detection?)
    • What is network intrusion detection?
    • Why is it important to solve this problem?
    • What is data analytics and how can it solve this problem?
    • Provide some historical/cultural context for the
    • At the end of your introduction, include a tentative thesis to indicate to your reader that you are entering your project looking at your topic through a critical, analytic lens – this thesis should clearly state your intentions using a meta-discursive structure (e.g., “In this project, I will…” or “This research project will investigate …”).
    • A good recipe for the introduction is context followed by (problem or complication) followed by proposed argument or research Each ingredient in this recipe should be 3-6 sentences long.

 

 

 

  • Literature review (include at least 6 relevant papers)
    • List how previous research targeted this problem
    • Each student in the group should pick one paper and write:
      • Main contributions
      • Analyze it
      • Critical review
      • Research gap in the paper and how it can be improved
      • Datasets used?
    • If the group has 6 students, then the literature review should include 6 papers
    • You can organize your literature review based on time period, topic, methods used,

  • Create connections and transit from one idea to another
  • DO NOT just list the contributions without connection
  • At the end of the LR section, add a table to compare the papers you studied

 

 

 

 

•    Research Methods and Resources

  • Describe the methods you will be using to model and solve the intrusion detection problem via data analytics
  • Describe the computer software to be used
  • Describe the data analytics learning approach (supervised/ unsupervised …) you will be using

  • Describe the concept your model is trying to learn (classification or regression or clustering or association analysis or …)
  • Describe the dataset(s) you will be using in building your data analytic learning model
  • Describe the evaluation methods you will be using to evaluate your solution

 

 

 

 

•    Conclusion [0.5 page]

  • Address the lessons you learned from doing the literature review and learning about intrusion detection in computer systems.
  • Address why the reader should want to read your article.
  • Address any challenges you faced and how you are going to overcome them in the next part of the project.

 

 

•    Contributions breakdown

  • List the names of the authors of each of the following contributions:
    • Conceptualization: author 1, author 2, …
    • Methodology: author 1, author 2, …
    • Software: author 1, author 2, …
    • Validation: author 1, author 2, …
    • Formal analysis: author 1, author 2, …
    • Investigation: author 1, author 2, …
    • Resources: author 1, author 2, …
    • Data curation: author 1, author 2, …
    • Writing: author 1, author 2, …
    • Editorial: author 1, author 2, …
    • Visualization: author 1, author 2, …

 

 

  • References [Include at least 9 references]
    • Use a unified reference style
    • Use the APA referencing and citation style