Machine learning based cybersecurity analytics

Bibliographic Details
Main Author: Tang, Yan Shuo
Other Authors: Sinha Sharad
Format: Final Year Project
Language: English
Published: 2018
Online Access: http://hdl.handle.net/10356/74067
Institution: Nanyang Technological University
Description
Summary: Information or data leakage can be intentional or unintentional. Disgruntled employees, honey-trapped employees, “cash-for-data” greedy employees and similar categories of employees can deliberately transfer information out of the organization, while many regular employees may not practice good cyber hygiene when transferring information out of the organization and may not notice the associated risks. The Final Year Project (FYP) described in this report focuses on monitoring NetFlow traffic within an organization and detecting any abnormal data transfer from within the organization to external entities. NetFlow is a network protocol developed by Cisco for recording IP traffic information and network data performance. Most of the important information in a packet is used to form NetFlow, which acts as an enhancement for packets. A machine learning model (ensemble method, XGBoost) is created for detecting such data exfiltration. When data exfiltration is detected using the proposed model, all the traffic from the source IP address within the day is output into a file for close monitoring by related personnel in the organization.