CAPSTONE PROJECT
Implement IDS system integrating machine learning for Hai Dang Travel company
C2NE.02

OUR TEAM
Mentor: Assoc Prof Nhu, Nguyen Gia
Leader: Vu, Duong The
Hieu, Le Quang
Khai, Tran Dinh
Hoang, Duong Ngoc

TABLE OF CONTENTS
01 Introduction
02 Project Objectives
03 Operation Diagram
04 Data Processing
05 Demo
06 Conclusion

01 INTRODUCTION
The increase in numbers and types of networked devices inevitably leads to a wider surface of attack, whereas the impact of successful attacks is becoming increasingly severe as more critical responsibilities are assumed by these devices.

HAI DANG TRAVEL COMPANY
Services: Tour in country, Overseas tour, Group tour, Event, Visa, Study abroad
Customer satisfaction is our success!

PROBLEM
Upgrade your network, warn and prevent attacks
THEM: They need us how network administrators can receive alerts from attacks
US: The problem we had was they wanted a moderate budget

SOLUTION
We came up with a solution to deploy an IDS system with machine learning to detect and prevent attacks.

Intrusion Detection System Operation
How Machine Learning Model Works?
Machine Learning Model Operation

04 DATA PROCESSING

Datasets
CSE-CIC-IDS2018 dataset provided by the Canadian Institute for Cybersecurity
Ten days of operation inside a controlled network environment on AWS
Realistic background traffic and different attack scenarios were conducted
The dataset contains both benign network traffic as well as captures of the most common network attacks

Datasets Overview
Number of flows per attack type

Datasets Problems

Data cleaning and feature engineering
Remove duplicate header
Replace infinity values with the mean
Drop all null and negative values
Up-sample data to 100000 samples per attack category
Scale the data using a Standard Scaler
Remove strong correlation features

Remove strong correlation features: Before / After

Machine Learning: Gradient Boosting

down_up_ratio active_mean flow_pkts_s flow_duration label
0.714285714 1396.084766 8821.249008 Malicious
1.116666667 2415745.579 1.98322469 64048571.59 Benign
Build Decision Tree from data

EXAMPLE GRADIENT BOOSTING

PRODUCT DEMO

CONCLUSION
In this project, we tried our best and finished it. However, there are still some issues that need to be improved in the latest updates. In addition, our project has received a lot of positive contributions from international friends through GitHub.

... An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations

MACHINE LEARNING
Machine learning is the study...

Intrusion Detection System Operation
How does an IDS work?
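
The six data cleaning and feature engineering steps from the Data Processing slides, applied in order to a small constructed CSV; this is an added example, not the project's code. The `clean` function, its parameters, the 0.9 correlation threshold and the sample rows are assumptions; the column names follow the slide table.

```python
import csv, io, math, random

# Constructed sample rows (not taken from CSE-CIC-IDS2018); columns follow the slide table.
RAW = """flow_duration,active_mean,flow_pkts_s,down_up_ratio,label
100,10,2.0,0.5,Benign
200,20,9.0,1.0,Benign
flow_duration,active_mean,flow_pkts_s,down_up_ratio,label
300,30,Infinity,0.0,Benign
400,40,1.0,1.5,Malicious
-1,50,3.0,1.0,Malicious
500,,4.0,1.0,Malicious
600,60,5.0,0.0,Malicious
"""

def clean(raw, per_class=100_000, corr_max=0.9, seed=0):
    """Hypothetical helper: returns (kept feature names, scaled rows, labels)."""
    rows = list(csv.reader(io.StringIO(raw)))
    header = rows[0]
    body = [r for r in rows[1:] if r != header]           # 1. remove duplicate header rows
    cell = lambda v: None if v.strip().lower() in ("", "nan") else float(v)
    data = [([cell(v) for v in r[:-1]], r[-1]) for r in body]
    n_feat = len(header) - 1
    for j in range(n_feat):                               # 2. replace infinity with column mean
        finite = [x[j] for x, _ in data if x[j] is not None and math.isfinite(x[j])]
        mu = sum(finite) / len(finite)
        for x, _ in data:
            if x[j] is not None and math.isinf(x[j]):
                x[j] = mu
    data = [(x, y) for x, y in data                       # 3. drop null and negative rows
            if all(v is not None and v >= 0 for v in x)]
    rng, out = random.Random(seed), []
    for lab in sorted({y for _, y in data}):              # 4. up-sample each class with replacement
        grp = [d for d in data if d[1] == lab]
        out += grp + rng.choices(grp, k=max(0, per_class - len(grp)))
    n, cols = len(out), []
    for j in range(n_feat):                               # 5. standard scaling (zero mean, unit variance)
        col = [x[j] for x, _ in out]
        mu = sum(col) / n
        sd = math.sqrt(sum((v - mu) ** 2 for v in col) / n) or 1.0
        cols.append([(v - mu) / sd for v in col])
    # On z-scored columns the Pearson correlation is the mean of the products.
    corr = lambda a, b: abs(sum(p * q for p, q in zip(a, b)) / n)
    keep = []
    for j in range(n_feat):                               # 6. drop strongly correlated features
        if all(corr(cols[j], cols[k]) <= corr_max for k in keep):
            keep.append(j)
    X = [[cols[j][i] for j in keep] for i in range(n)]
    return [header[j] for j in keep], X, [y for _, y in out]
```

When the cleaned data feeds model evaluation, up-sampling and scaling belong after the train/test split and are fitted on the training part only, otherwise duplicated rows and test-set statistics leak into training.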