Mahdi Naderibeni
AI for Intrusion Detection: Clustering Unknown Traffic and Payload Analysis.
Supervisor: Luca Vassio. Politecnico di Torino, Master's degree programme in Data Science and Engineering, 2025
PDF (Tesi_di_laurea)
- Thesis
Access restricted to: staff users only until 24 April 2027 (embargo date). License: Creative Commons Attribution Non-commercial No Derivatives. File size: 5MB.
Abstract
Given the growing complexity of cyber threats, Intrusion Detection Systems (IDS) must advance to detect both established and novel attack vectors in real time. This study investigates the application of Artificial Intelligence (AI) methodologies in the context of intrusion detection, with a particular emphasis on two pivotal domains: payload analysis and the clustering of anomalous, previously unclassified network traffic. For payload classification, a novel deep learning framework is proposed, wherein raw hexadecimal payload data are converted into spectrogram representations. This transformation facilitates the deployment of a hybrid architecture combining Convolutional Neural Networks (CNN) with Long Short-Term Memory (LSTM) networks, thereby enabling the extraction of both spatial and temporal features.
In addressing the challenge of unknown attack detection, this work introduces the Adaptive Clustering and Embedding Network (ACENet), a dual-phase model that concurrently learns compact latent feature representations and performs clustering within the embedding space to identify patterns indicative of malicious behavior.
