Machine Learning and Cybersecurity Applications

Intrusion detection systems (IDS) are a specific branch of cyber-security concerned with scanning for malicious activity within a network. With the help of machine learning, a more efficient detection process can be created, and different combinations of neural network layers could potentially optimize the accuracy of an IDS. The CICIDS2017 dataset was used to study certain cyber-attacks (DDoS, Brute Force FTP, Brute Force SSH, DoS, Heartbleed, Web Attack, Infiltration, and Botnet) by simulating certain web traffic over the course of five days. Various combinations of dense layers were used to observe the changes in accuracy within this IDS. The losses and accuracy of each trial were displayed on multiple line graphs. To acquire the most efficient results, it was of the utmost importance not to design the neural network with an abundance of hidden layers: the IDS required a balance in the complexity of the network to produce superior results. This coincides with the bias-variance dilemma: a tradeoff between how much predicted values differ from true values and how much predictions made on the same value vary across different realizations of the model.