Ensemble learning model for APT attack detection in network

Overview

This project focuses on detecting Advanced Persistent Threat (APT) activities in network traffic by extracting flow-based features and training deep learning models for classification task.

Feature Extraction with CICFlowMeter

We used CICFlowMeter to extract statistical features from raw packet capture files (.pcap).

Data source: Stratosphere Laboratory datasets
Tool: CICFlowMeter

You can see some samples about dataset in "sample" folder. There are about 1000 samples.

Model Overview

The following models are implemented:

GAN (Generative Adversarial Network): for generating synthetic network flow data (unbalanced dataset).
ELModel (Ensemble Learning Model): combines of LSTM and Switch Transformer.

To train and evaluate:

Run: python main.py

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
models		models
notebook_file		notebook_file
sample		sample
utils		utils
.gitignore		.gitignore
README.md		README.md
main.py		main.py
train.py		train.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Ensemble learning model for APT attack detection in network

Overview

Feature Extraction with CICFlowMeter

Model Overview

To train and evaluate:

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Ensemble learning model for APT attack detection in network

Overview

Feature Extraction with CICFlowMeter

Model Overview

To train and evaluate:

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages