This project was done in the subject, COMP90073 (Security Analytics) taken in Semester2, 2020 in the University of Melbourne.
- Detection of network traffic anomalies using unsupervised machine learning
- Anomaly_detection.ipynb: [2]~[5]
- Analysis.ipynb: [6] Interpretation of the result
- Generating_adversarial_samples.ipynb : [7] Generating Adversarial samples (FGSM), this notebook referred to this code (https://github.com/kenhktsui/adversarial_examples/blob/master/adversarial.py)
- Dataset link:
- https://cloudstor.aarnet.edu.au/plus/s/Hvu7YyCDDG7ByWb
- https://cloudstor.aarnet.edu.au/plus/s/38CH3I8HbuYkh3r
More details in the anomaly_detection_reports.pdf
-
Feature1: Numeric value (existing + newly generated) + Standardscaler + PCA
-
Feature2: Feature1 + One-hot encoded categorical feature
-
Feature3: Scale (Cumulative features grouped by stream_id + time-based feature) + PCA
- Iforest
- OneclassSVM
- Criteria of setting a threshold: Accuracy > 0.88 and Max(TPR-FPR)
- OCSVM + feature3
- Iforest + feature 3
- OCSVM + feature3
SCORES:
CLUSTERING:
- Iforest + feature3
SCORES:
CLUSTERING:
- FGSM generates adversarial samples with the error rate of almost 100%.