Intrusion detection on computer networks using anomaly detection approach

Bilgisayar ağlarına yapılan saldırılar günden güne artarken ve saldırıların nitelikleri de sürekli olarak değişmektedir. Ağ saldırıları, bilgisayar ağlarına zarar vererek bilgi güvenliğini ortadan kaldırmaktadır. Bu durum kişiler, şirketler, kurumlar ve hatta devletler için büyük bir risk oluşturmaktadır. Ağ trafiğinin analizi ve böylece saldırıların ortaya çıkarılabilmesi için Saldırı Tespit Sistemlerinden yararlanılmaktadır. Saldırı türlerini tanıyacak şekilde oluşturulan bu sistemlerin gelişimleri de artan saldırı tiplerine göre sürekli devam etmektedir. Bu çalışmada makine öğrenmesi teknikleri yardımıyla anormallik tabanlı bir saldırı tespit sistemi oluşturulması amaçlanmıştır. Çalışma sürecinde; Yinelemeli Özellik Elemesi, İleri Yönelimli Seçim, Rastgele Orman, Karar Ağaçları, Naive Bayes, Lojistik Regresyon ve Ekstrem Gradyan Artırma gibi algoritmalardan yararlanılmış ve Doğruluk, Kesinlik, Duyarlılık ve F1 gibi metrikler ile değerlendirmeler yapılmıştır. Ayrıca model değerlendirme için ROC eğrilerinden yararlanılmıştır. Bahsi geçen bu algoritmalardan elde edilen sonuçlar karşılaştırılarak en etkili modelin bulunması için CICIDS 2017 veri seti kullanılmıştır. Çalışma kapsamında Yinelemeli Özellik Elemesi ve İleri Yönelimli Seçim teknikleriyle özellik seçimi yapılmış ve en iyi sınıflandırma sonuçları Rasgele Orman ve Ekstrem Gradyan Artırma algoritmalarından elde edilmiştir.Attacks on computer networks are increasing day by day and characteristics of them are changing continuously. Network attacks destroy information security by damaging computer network systems. This situation poses a great risk for individuals, companies, institutions and even governments. To prevent or minimize the damages of network attacks, Intrusion Detection Systems are used. The development of these systems, which are created according to attack characteristics, continues parallelly to increasing attack types. In this study, it is aimed to create an intrusion detection system based on machine learning principles with anomaly detection. Recursive Feature Elimination, Forward Feature Selection, Random Forest, Decision Tree, Naive Bayes, Logistic Regression and Extreme Gradient Boosting algorithms are used during the study and evaluations are made by Accuracy, Precision, Recall and F1 Score metrics. Also, Cross Validation and ROC Curve methods are used for the evaluation. CICIDS2017 data set is used to find the most effective model by comparing the results obtained from the mentioned algorithms. As the result of this study, it is determined that the Intrusion Detection System models, which are created by classifying the features obtained the methods of Forward Feature Selection and Recursive Feature Elimination with Random Forest and Extreme Gradient Boosting algorithms, are successful

SURVIVAL PREDICTION OF HEART PATIENTS WITH MACHINE LEARNING METHODS

According to data from the World Health Organization, around 17.9 million people die annually from cardiovascular diseases. This is equivalent to approximately 32% of all global deaths. Over seventy-five percent of these deaths occur in low- and middle-income nations. Determining the features that have the greatest impact on the death or survival of heart patients and developing models that accurately predict patient survival is an important issue of the present day. . In recent years, machine learning has been used to predict patients' survival during follow-up by combining their medical records with other features such as gender, age and weight. However, the enormous quantity of features makes it challenging for physicians to diagnose diseases and severely impacts the prediction performance of machine learning in terms of cost and time. In this regard, it is essential to keep an optimal number of features and select the most effective ones. In the proposed study, a dataset was used on the survival of heart patients from the data repository at the University of California Irvine. This dataset includes a total of 13 different patient features, which were collected from 299 different individuals. The recursive feature elimination method was used for feature selection in order to identify the parameters that have the most impact on patient survival. The yeo-johnson power transformation was applied from the normalizing approaches to make the feature sets that do not have a normal distribution from the selected features closer to the normal distribution. Finally, Support Vector Machines, Naive Bayes, Random Forest, Decision Tree, Logistic Regression, XGBoost, CatBoost, and the K-Nearest Neighbor machine learning algorithms were used to predict the survival of patients with heart disease. As a result of the study, the number of features used to predict patient survival was reduced to six, and a confusion matrix was produced to assess and compare the results of machine learning models in terms of accuracy, recall, and precision. According to the obtained results, the algorithm XGBoost best predicts the survival of patients with a 90% level of accuracy.</p

GENERATOR OF HYPOTHESES – AN APPROACH OF DATA MINING BASED ON MONOTONE SYSTEMS THEORY

Abstract. Generator of hypotheses is a new method for data mining. It makes possible to classify the source data automatically and produces a particular enumeration of patterns. Pattern is an expression (in a certain language) describing facts in a subset of facts. The goal is to describe the source data via patterns and/or IF...THEN rules. Used evaluation criteria are deterministic (not probabilistic). The search results are trees – form that is easy to comprehend and interpret. Generator of hypotheses uses very effective algorithm based on the theory of monotone systems (MS) named MONSA (MONotone System Algorithm) [6]