dc.contributor.advisor | Abel Sanchez. | en_US |
dc.contributor.author | Moe, Lwin P | en_US |
dc.contributor.other | Massachusetts Institute of Technology. Integrated Design and Management Program. | en_US |
dc.date.accessioned | 2018-10-15T20:24:14Z | |
dc.date.available | 2018-10-15T20:24:14Z | |
dc.date.copyright | 2018 | en_US |
dc.date.issued | 2018 | en_US |
dc.identifier.uri | http://hdl.handle.net/1721.1/118536 | |
dc.description | Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2018. | en_US |
dc.description | Cataloged from PDF version of thesis. | en_US |
dc.description | Includes bibliographical references (pages 84-86). | en_US |
dc.description.abstract | Cybersecurity is a growing research area with direct commercial impact on organizations and companies in every industry. With all other technological advancements in the Internet of Things (IoT), mobile devices, cloud computing, 5G networks, and artificial intelligence, the need for cybersecurity is more critical than ever before. These technologies drive the need for tighter cybersecurity implementations, while at the same time acting as enablers to provide more advanced security solutions. This paper will discuss a framework that can predict cybersecurity risk by identifying normal network behavior and detecting network traffic anomalies. Our research focuses on the analysis of historical network traffic data to identify network usage trends and security vulnerabilities. Specifically, this thesis will focus on multiple components of the data analytics platform. It explores the big data platform architecture and the data ingestion, analysis, and engineering processes. The experiments were conducted utilizing various time series algorithms (Seasonal ETS, Seasonal ARIMA, TBATS, Double-Seasonal Holt-Winters, and Ensemble methods) and the Long Short-Term Memory Recurrent Neural Network algorithm. Upon creating the baselines and forecasting network traffic trends, the anomaly detection algorithm was implemented using specific thresholds to detect network traffic trends that show significant variation from the baseline. Lastly, the network traffic data was analyzed and forecasted in various dimensions: total volume, source vs. destination volume, protocol, port, machine, geography, and network structure and pattern. The experiments were conducted with multiple approaches to get more insights into the network patterns and traffic trends to detect anomalies. | en_US |
dc.description.statementofresponsibility | by Lwin P. Moe. | en_US |
dc.format.extent | 86 pages | en_US |
dc.language.iso | eng | en_US |
dc.publisher | Massachusetts Institute of Technology | en_US |
dc.rights | MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. | en_US |
dc.rights.uri | http://dspace.mit.edu/handle/1721.1/7582 | en_US |
dc.subject | Engineering and Management Program. | en_US |
dc.subject | Integrated Design and Management Program. | en_US |
dc.title | Cyber security risk analysis framework : network traffic anomaly detection | en_US |
dc.type | Thesis | en_US |
dc.description.degree | S.M. in Engineering and Management | en_US |
dc.contributor.department | Massachusetts Institute of Technology. Engineering and Management Program | en_US |
dc.contributor.department | Massachusetts Institute of Technology. Integrated Design and Management Program. | en_US |
dc.identifier.oclc | 1054927618 | en_US |