Tezin Türü: Yüksek Lisans
Tezin Yürütüldüğü Kurum: Orta Doğu Teknik Üniversitesi, Enformatik Enstitüsü, Bilişim Sistemleri Anabilim Dalı, Türkiye
Tezin Onay Tarihi: 2018
Öğrenci: ALPER SARIKAYA
Danışman: BANU GÜNEL KILIÇ
Özet:Nowadays, cyberattacks are occurring progressively. Along with this, diversity, size and density of the cyberattacks are increasing. When the logs of security devices are analyzed, massive amounts of attack signs are detained. Besides, it is also difficult for humans to evaluate the logs accurately. Therefore, the identification of key data, which can be used to distinguish an attack from this very large data set, is important for both rapid detection of attacks and rapid response of security devices. This study focuses on selection of appropriate features from logs via machine learning and determining the distinctive attributes specific to an attack in the selection of these data. Based on the selected features, a classification methodology is proposed. As a result, 80.20% overall accuracy has been achieved using the proposed model with 19 features. Moreover, a better detection rate on DoS and Exploit classes has been obtained.