Program for Classification of Intrusion Type on Local Computer System

Intrusion detection in computer systems has become very important due to increased volume of transmitted information (significant portion of this information is private) and the number of devices. The number of cybercrimes is also growing, which leads to losses for the government, corporations and ordinary users. One of the means to deal with cybercrime are intrusion detection systems (IDS). Most of the IDS are based on signatures (pre-programmed rules), but when new types of attacks and vulnerabilities are being exploited, these systems need new signatures, which leads to time-consuming work of experts (to gather signatures for new attacks) and to decrease in performance of IDS. That is why, the application of machine learning methods in the task of intrusion detection has become the field of extensive research. Such IDS allow to extract knowledge about the attacks on the basis of examples and can be trained using special datasets (usually with significant amount of data). Most of such researches are based on KDD99 dataset, which is extremely outdated, but there are some up-to-date datasets like ADFA (2013), AWID (2015), and UNSW-NB15(2015). Security of wireless networks has become one the most popular subsections of computer security as the share of wireless networks is dramatically increasing nowadays. That is why this project focused on AWID dataset, as it provides data for wireless Wi-Fi (IEEE 802.11) networks. This master project proposes a program for intrusion types classification, based on publicly available AWID dataset and machine learning methods: gradient boosting, random forest and artificial neural networks.