Security related self-protected networks: autonomous threat detection and response (ATDR)
Date
2021
Publisher
University of the Western Cape
Abstract
Cybersecurity defense tools, techniques and methodologies are constantly faced with increasing
challenges, including the evolution of highly intelligent and powerful new-generation threats. The
main challenge posed by these modern digital multi-vector attacks is their ability to adapt with
machine learning. Research shows that many existing defense systems fail to provide adequate
protection against these latest threats. Hence, there is an ever-growing need for self-learning
technologies that can autonomously adjust according to the behaviour and patterns of the offensive
actors and systems. The accuracy and effectiveness of existing methods are dependent on decision
making and manual input by human experts. This dependence causes 1) administration overhead,
2) variable and potentially limited accuracy and 3) delayed response time.
This thesis proposes Autonomous Threat Detection and Response (ATDR), a general method
aimed at contributing toward security related self-protected networks. Through a combination
of unsupervised machine learning and deep learning, ATDR is designed as an intelligent and
autonomous decision-making system that uses big data processing requirements and data frame
pattern identification layers to learn sequences of patterns and derive real-time data formations.
This system enhances threat detection and response capabilities, accuracy and speed. Research
provided a solid foundation for the proposed method around the scope of existing methods and
the unanimous problem statements and findings by other authors.
Description
Doctor Educationis
Keywords
(Distributed) denial of service attacks, Traffic capture and packet analysis, Queueing theory, Machine learning, Neural networking, Multi-vector attack detection