東華大學圖書館 |

Countermeasures Against Various Network Attacks Using Machine Learning Methods.

紀錄類型:	書目-電子資源 : Monograph/item
正題名/作者:	Countermeasures Against Various Network Attacks Using Machine Learning Methods./
作者:	Li, Yi.
出版者:	Ann Arbor : ProQuest Dissertations & Theses, : 2020,
面頁冊數:	167 p.
附註:	Source: Dissertations Abstracts International, Volume: 82-06, Section: B.
Contained By:	Dissertations Abstracts International82-06B.
標題:	Computer science. -
電子資源:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28157046
ISBN:	9798557002561

Countermeasures Against Various Network Attacks Using Machine Learning Methods.
Li, Yi.

Countermeasures Against Various Network Attacks Using Machine Learning Methods. - Ann Arbor : ProQuest Dissertations & Theses, 2020 - 167 p.

Source: Dissertations Abstracts International, Volume: 82-06, Section: B.

Thesis (Ph.D.)--University of South Florida, 2020.

This item is not available from ProQuest Dissertations & Theses.

With the rapid development of a computer network, our lives are already inseparable from it. Wireless Fidelity (Wi-Fi) is in use everywhere; more and more devices are connected to the Internet, and many companies and individuals tend to store their data and information online. Furthermore, it is now very convenient to communicate with each other through email and text messages. However, widespread networks also provide more attack surfaces for attackers. There are a variety of network attacks aimed at information theft. To better defend against those network attacks, one needs to have a broad knowledge of existing attacks. In this dissertation, we address four different types of attacks. (1) We first focus on domain name security, as it is an essential component in a computer network. Attackers can use Domain Generation Algorithm (DGA)-based malware to infiltrate a network and eventually gain access to the network, leading to the loss of a company's assets or personal information theft. We propose a DGA-based malware detection framework for detecting DGA-based malware to alleviate the threat to defend against this type of attack. The threat data was collected from real-world network traffic over a year. The proposed DGA-based malware detection framework consists of a two-level model that performs classification and clustering and a time-series prediction model to predict future DGA domain features. (2) We then focus on Wi-Fi security and countermeasures against Key Reinstallation Attack (KRACK), which utilizes the serious weakness in the 4-way handshake of Wi-Fi Protected Access 2 (WPA2) and aims at stealing Wi-Fi users' information. We propose a Software-Defined Networking (SDN)-based detection and mitigation framework to defend against KRACK. The proposed framework consists of two stages. In the detection stage, we monitor Wi-Fi's network traffic and detect message 3 of the 4-way handshake, where message 3 is a replaying transmission message launched by an attacker based on nonce resets. In the mitigation stage, we update the forwarding rule in the flow table to redirect the attack traffic and prevent it from going to the user. (3) To efficiently prevent users from being victims of information theft, it is also essential to understand how users will behave when facing those attacks. In this dissertation, we focus on studying user behavior when a user encounters with phishing attacks. We propose two study designs: an on-site study design and online study design. We not only collect personal background information through survey questions but also design the necessary software to collect experimental data, such as time measurement and mouse movement. We analyze which factors, such as intervention, monetary incentive, and phishing types, play an important role in phishing attacks. Furthermore, we propose a machine learning framework to help analyze collected data. (4) Since machine learning has been widely used in defending against network attacks, we need to ensure the robustness of the proposed machine learning algorithms and prevent them from adversarial attacks. Last but not least, we explore adversarial examples for attacking the machine learning model used to detect false data injection attacks in an in-vehicle network and build an Adversarial Attack Defending System (AADS) for ensuring the robustness of the machine learning model and securing the in-vehicle network.

ISBN: 9798557002561Subjects--Topical Terms:

523869
Computer science.
Subjects--Index Terms:

Adversarial attack

Countermeasures Against Various Network Attacks Using Machine Learning Methods.
LDR:04854nmm a2200457 4500 001 2344605
005 20220531064605.5
008 241004s2020 ||||||||||||||||| ||eng d
020 $a 9798557002561
035 $a (MiAaPQ)AAI28157046
035 $a AAI28157046
040 $a MiAaPQ $c MiAaPQ
100 1 $a Li, Yi. $3 911053
245 1 0 $a Countermeasures Against Various Network Attacks Using Machine Learning Methods.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2020
300 $a 167 p.
500 $a Source: Dissertations Abstracts International, Volume: 82-06, Section: B.
500 $a Advisor: Sun, Yu;Xiong, Kaiqi.
502 $a Thesis (Ph.D.)--University of South Florida, 2020.
506 $a This item is not available from ProQuest Dissertations & Theses.
506 $a This item must not be sold to any third party vendors.
520 $a With the rapid development of a computer network, our lives are already inseparable from it. Wireless Fidelity (Wi-Fi) is in use everywhere; more and more devices are connected to the Internet, and many companies and individuals tend to store their data and information online. Furthermore, it is now very convenient to communicate with each other through email and text messages. However, widespread networks also provide more attack surfaces for attackers. There are a variety of network attacks aimed at information theft. To better defend against those network attacks, one needs to have a broad knowledge of existing attacks. In this dissertation, we address four different types of attacks. (1) We first focus on domain name security, as it is an essential component in a computer network. Attackers can use Domain Generation Algorithm (DGA)-based malware to infiltrate a network and eventually gain access to the network, leading to the loss of a company's assets or personal information theft. We propose a DGA-based malware detection framework for detecting DGA-based malware to alleviate the threat to defend against this type of attack. The threat data was collected from real-world network traffic over a year. The proposed DGA-based malware detection framework consists of a two-level model that performs classification and clustering and a time-series prediction model to predict future DGA domain features. (2) We then focus on Wi-Fi security and countermeasures against Key Reinstallation Attack (KRACK), which utilizes the serious weakness in the 4-way handshake of Wi-Fi Protected Access 2 (WPA2) and aims at stealing Wi-Fi users' information. We propose a Software-Defined Networking (SDN)-based detection and mitigation framework to defend against KRACK. The proposed framework consists of two stages. In the detection stage, we monitor Wi-Fi's network traffic and detect message 3 of the 4-way handshake, where message 3 is a replaying transmission message launched by an attacker based on nonce resets. In the mitigation stage, we update the forwarding rule in the flow table to redirect the attack traffic and prevent it from going to the user. (3) To efficiently prevent users from being victims of information theft, it is also essential to understand how users will behave when facing those attacks. In this dissertation, we focus on studying user behavior when a user encounters with phishing attacks. We propose two study designs: an on-site study design and online study design. We not only collect personal background information through survey questions but also design the necessary software to collect experimental data, such as time measurement and mouse movement. We analyze which factors, such as intervention, monetary incentive, and phishing types, play an important role in phishing attacks. Furthermore, we propose a machine learning framework to help analyze collected data. (4) Since machine learning has been widely used in defending against network attacks, we need to ensure the robustness of the proposed machine learning algorithms and prevent them from adversarial attacks. Last but not least, we explore adversarial examples for attacking the machine learning model used to detect false data injection attacks in an in-vehicle network and build an Adversarial Attack Defending System (AADS) for ensuring the robustness of the machine learning model and securing the in-vehicle network.
590 $a School code: 0206.
650 4 $a Computer science. $3 523869
650 4 $a Artificial intelligence. $3 516317
650 4 $a Computer engineering. $3 621879
650 4 $a Web studies. $3 2122754
650 4 $a Systems science. $3 3168411
650 4 $a Information technology. $3 532993
653 $a Adversarial attack
653 $a Information theft
653 $a Software defined networking
653 $a User behavior
653 $a Machine learning
653 $a Network attacks
653 $a Network development
690 $a 0984
690 $a 0489
690 $a 0464
690 $a 0454
690 $a 0800
690 $a 0790
690 $a 0646
710 2 $a University of South Florida. $b Engineering Computer Science. $3 3683389
773 0 $t Dissertations Abstracts International $g 82-06B.
790 $a 0206
791 $a Ph.D.
792 $a 2020
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28157046