Full-Text Articles in Computer Engineering
Effect Of Connection State & Transport/Application Protocol On The Machine Learning Outlier Detection Of Network Intrusions, George Yuchi [*], Torrey J. Wagner, Paul Auclair, Brent T. Langhals
Faculty Publications
The majority of cyber infiltration & exfiltration intrusions leave a network footprint, and due to the multi-faceted nature of detecting network intrusions, that footprint is often difficult to detect. In this work, a Zeek-processed PCAP dataset containing the metadata of 36,667 network packets was modeled with several machine learning algorithms to classify normal vs. anomalous network activity. Principal component analysis with a 10% contamination factor was used to identify anomalous behavior. Models were created using recursive feature elimination on logistic regression and XGBClassifier algorithms, and also using Bayesian and bandit optimization of neural network hyperparameters. These models were trained on a …