Person: ŞAHİNGÖZ, ÖZGÜR KORAY
Loading...
Email Address
Birth Date
Research Projects
Organizational Units
Job Title
Last Name
ŞAHİNGÖZ
First Name
ÖZGÜR KORAY
Name
6 results
Search Results
Now showing 1 - 6 of 6
Publication Metadata only Deep Learning in Intrusion Detection Systems(2018) Demir, Önder; BAYDOĞMUŞ, GÖZDE KARATAŞ; ŞAHİNGÖZ, ÖZGÜR KORAY; 110942; 170651; 214903Publication Open Access Increasing the Performance of Machine Learning-Based IDSs on an Imbalanced and Up-to-Date Dataset(IEEE, 2020) BAYDOĞMUŞ, GÖZDE KARATAŞ; Demir, Önder; ŞAHİNGÖZ, ÖZGÜR KORAYIn recent years, due to the extensive use of the Internet, the number of networked computers has been increasing in our daily lives. Weaknesses of the servers enable hackers to intrude on computers by using not only known but also new attack-types, which are more sophisticated and harder to detect. To protect the computers from them, Intrusion Detection System (IDS), which is trained with some machine learning techniques by using a pre-collected dataset, is one of the most preferred protection mechanisms. The used datasets were collected during a limited period in some specific networks and generally don & x2019;t contain up-to-date data. Additionally, they are imbalanced and cannot hold sufficient data for all types of attacks. These imbalanced and outdated datasets decrease the efficiency of current IDSs, especially for rarely encountered attack types. In this paper, we propose six machine-learning-based IDSs by using K Nearest Neighbor, Random Forest, Gradient Boosting, Adaboost, Decision Tree, and Linear Discriminant Analysis algorithms. To implement a more realistic IDS, an up-to-date security dataset, CSE-CIC-IDS2018, is used instead of older and mostly worked datasets. The selected dataset is also imbalanced. Therefore, to increase the efficiency of the system depending on attack types and to decrease missed intrusions and false alarms, the imbalance ratio is reduced by using a synthetic data generation model called Synthetic Minority Oversampling TEchnique (SMOTE). Data generation is performed for minor classes, and their numbers are increased to the average data size via this technique. Experimental results demonstrated that the proposed approach considerably increases the detection rate for rarely encountered intrusions.Publication Open Access Saldırı Tespit Sistemlerinde Makine Öğrenmesi Modellerinin Karşılaştırılması(Erzincan Binali Yıldırım Üniversitesi, Fen Bilimleri Enstitüsü, 2019) ÇEBİ, CEM BERKE; BULUT, FATMA SENA; FIRAT, HAZAL; BAYDOĞMUŞ, GÖZDE KARATAŞ; ŞAHİNGÖZ, ÖZGÜR KORAYSon yıllardaki gelişen teknolojiler neticesinde her türlü hesaplama cihazının İnternete bağlanması sağlanmıştır. Bu sayede birçok gerçek dünya problemi yeni ağ düzenine aktarılsa da bu tam-kontrol sağlanamayan sanal platform çok sayıda güvenlik açığı içermektedir. Günümüzde ağ yöneticilerin ana görevlerinden biride bu açıkları kapatmak ve sorumlu oldukları bilgisayar ağını saldırılardan korumaktır. Güvenlik duvarlarının kullanımı dışarıdan yapılan saldırıları ciddi boyutta engellese de içeriden yapılabilecek veya daha önceden karşılaşılmayan tipten saldırılara karşı zafiyetler içermektedir. Saldırı Tespit Sistemleri (STS) bu zafiyetleri ortadan kaldırmak için öncelikle tercih edilebilecek uygulamalardır. Son geliştirilen STSleri incelendiğinde dinamik bir güvenlik mekanizması geliştirmek adına özellikle Makine Öğrenmesi tabanlı sistemlere ağırlık verildiği görülmektedir. Bilgisayar donanımları ve paralel hesaplama teknolojilerinde ortaya çıkan gelişmeler ve Büyük Veri işleme teknolojilerinin, Makine Öğrenmesi tabanlı sistemlerle uyumlu kullanıldığı görülmektedir. Bu çalışmada yedi farklı makine öğrenimi algoritmaları kullanarak STSlerin geliştirilmesi amaçlanmıştır. Elde edilen sonuçlar başarım, eğitim süreleri ve çalıştırma süreleri açısından karşılaştırılarak farklı kriterlere göre uygun algoritmanın ortaya konmuştur. Bu karşılaştırma için genel kabul gören NSL-KDD veri setinden faydalanılmıştır. Başarım sonuçlarına bakınca Adaboost algoritmasının en yüksek doğruluk oranına ulaştığı görülmektedir. Ancak gerek eğitim süresi gerekse çalışma zamanı performansı göz önüne alınınca Karar Ağacı algoritmasının daha yüksek performans gösterdiği, doğruluk oranı değeri itibarı ile de Adaboost’a yakın değere sahip olduğu görülmektedir.Publication Metadata only Deep learning based security management of information systems: A comparative study(2020-01) Çebi, Cem Berke; Bulut, Fatma Sena; Fırat, Hazal; ŞAHİNGÖZ, ÖZGÜR KORAY; BAYDOĞMUŞ, GÖZDE KARATAŞ; 214903In recent years, there is a growing trend of internetization which is a relatively new word for our global economy that aims to connect each market sectors (or even devices) by using the global network architecture as the Internet. Although this connectivity enables great opportunities in the marketplace, it results in many security vulnerabilities for admins of the computer networks. Firewalls and Antivirus systems are preferred as the first line of a defense mechanism; they are not sufficient to protect the systems from all type of attacks. Intrusion Detection Systems (IDSs), which can train themselves and improve their knowledge base, can be used as an extra line of the defense mechanism of the network. Due to its dynamic structure, IDSs are one of the most preferred solution models to protect the networks against attacks. Traditionally, standard machine learning methods are preferred for training the system. However, in recent years, there is a growing trend to transfer these standard machine learning-based systems to the deep learning models. Therefore, in this paper, IDSs with four different deep learning models are proposed, and their performance is compared. The experimental results showed that proposed models result in very high and acceptable accuracy rates with KDD Cup 99 Dataset.Publication Metadata only Neural network based intrusion detection systems with different training functions(IEEE, 345 E 47th St, New York, Ny 10017 USA, 2018) BAYDOĞMUŞ, GÖZDE KARATAŞ; ŞAHİNGÖZ, ÖZGÜR KORAY; 110942; 214903In the last decades, due to the improvements in networking techniques and the increased use of the Internet, the digital communications entered all of the activities in the global marketplace. Parallel to these enhancements the attempts of hackers for intruding the networks are also increased. They tried to make unauthorized access to the networks for making some modifications in their data or to increase the network traffic for making a denial of service attack. Although a firewall seems as a good tool for preventing this type of attacks, intrusion detection systems (IDSs) are also preferred especially for detecting the attack within the network system. In the last few years, the performance of the IDS is increased with the help of machine learning algorithms whose effects depend on the used training/learning algorithm. Mainly it is really hard to know which learning algorithm can be the fastest one according to the problem type. The algorithm selection depends on lots of factors such as the size of data sets, number of nodes network design, the targeted error rate, the complexity of the problem, etc. In this paper, it is aimed to compare different network training function in a multi-layered artificial neural network which is designed for constructing an effective intrusion detection system. The experimental results are depicted in the paper by explaining the efficiency of the algorithms according to their true-positive detection rates and speed of the execution.Publication Metadata only Intrusion Detection Systems with GPU-Accelerated Deep Neural Networks and Effect of the Depth(2018) Reis, Buminhan; Kaya, Semi Berk; BAYDOĞMUŞ, GÖZDE KARATAŞ; ŞAHİNGÖZ, ÖZGÜR KORAY; 110942; 214903With the extended use of the Internet, which connects millions of computers across the world, there is a growing number and types of intrusions which complicate ensuring the security of information and computers. Although Firewalls and rule/signature base Intrusion Detection Systems (IDSs) are used as the first line of the defense of networks, they cannot be sufficient for detecting the zero-day type attacks, which are not previously encountered. For this type of attacks, Anomaly-Based Intrusion detection systems arise as an acceptable solution which models the normal communication behavior of the network and identifies the others as a suspicious transaction. To classify the normal behavior, usage of neural networks and machine learning approaches are accepted as powerful solutions. However, due to the lack of computation power, generally single hidden layer approach is preferred. With the enhancement of the parallel computation technology, especially in Graphics Processing Units (GPUs), it will be easy to implement a multi-layer approach in Deep Neural Network concept which has a great deal of attention within Deep Learning approach. Therefore, better accuracy rate could be reached. In this paper, we aimed to implement a Deep Neural Network-based Intrusion Detection System. Moreover, we also study the performance of the proposed model in binary classification with a different number of layers, neurons and parameters. Additionally, the acceleration of the GPU usage is also measured and presented with a comparison. To measure the performance of the proposed system the NSL-KDD data set, which is a 'cleaned' data set of the KDD data set, is preferred. The experimental results showed that the proposed multi-layer Deep Neural Network model produces an acceptable performance in its classification with a high accuracy rate with the design of a 64x32 hidden layer structure depending on the data set NSL-KDD.