PhD Dissertation Proposal - Ahmed Mahfouz

Machine Learning in Network Intrusion Detection

Ahmed Mahfouz, PhD Student

Monday, Apr. 29, 2019, 11:00 am
Dunn Hall 375B Conference Room

Committee Members:

Prof. Sajjan Shiva, Chair
Prof. Robin Poston
Prof. Deepak Venugopal
Prof. Xing Gao


With the rapid growth in network-based applications, new risks arise, and security mechanisms need additional attention to improve speed and accuracy. Although many new security tools have been developed, the fast-growth of malicious activities continues to be a pressing issue, and the ever-evolving attacks create severe threats to network security. A Network Intrusion Detection System (NIDS) helps system administrators to detect network security breaches. However, many challenges arise while developing a flexible and efficient NIDS for unforeseen and unpredictable attacks. Machine Learning (ML) methods are one of the practical approaches to intrusion detection, where we learn models from data to differentiate between abnormal and regular traffic. Though ML approaches are used frequently, an in-depth analysis of ML algorithms in the context of intrusion detection has received less attention in the literature. In this dissertation, we provide a comprehensive analysis of ML techniques for identifying network intrusions. Specifically, we analyze the techniques along various dimensions, namely, feature selection, sensitivity to hyperparameter selection, and class imbalance problems that are inherent to intrusion detection. We also, investigate the applications of Deep Learning (DL) to network security and propose a Deep Learning (DL) based approach for developing such an efficient and flexible NIDS using Self-taught Learning (STL), a deep learning based technique.