Bahir Dar Institute of Technology

Faculty of Electrical and Computer Engineering,

Department of Computer Engineering

MSc Thesis Titles submission

Name ID No

1. Erkihun Mulu----------------------------------------------------BDU1501434

Submitted to: Mr. Wubie

Submission Date:10/12/2023

Bahir Dar, Ethiopia

 1) A hybrid deep learning based intrusion detection system for SDN
network
Software -Defined Networks (SDN) is an emerging area that promises to change the way we
design, build, and operate network architecture. It tends to shift from traditional network
architecture of proprietary based to open and programmable network architecture. However, this
new innovative and improved technology also brings another security burden into the network
architecture, with existing and emerging security threats. The network vulnerability has become
more open to intruders: the focus is now shifted to a single point of failure where the central
controller is a prime target. Therefore, integration of intrusion detection system (IDS) into the
SDN architecture is essential to provide a network with attack countermeasure. I will design and
develop a virtual test that simulates the processes of the real network environment, where a star
topology will create with hosts and servers connected to the Open Flow OVS-switch. Signature-
based Snort IDS is deployed for traffic monitoring and attack detection, by mirroring the traffic
destine to the servers. The vulnerability assessment shows possible attacks threat exist in the
network architecture and effectively contain by Snort IDS except for the few which the
suggestion is made for possible mitigation. the architecture of SDN tried to contain the security
prone in the network management, but the separation of the control plane from data plane bring
another form of security threat to the SDN architecture that can be found in any of it three layers:
application, control, and infrastructure layer. The consequences this security prone can lead to
data modification, unauthorized access to the network, data leakage, denial of service(DoS). In
order to provide scalable threat detection in the architecture, a flow-based IDS model will
develop. A flow-based anomaly detection will implement with Convolutional Neural
Network(CNN) for feature extraction and Artificial Neural Network(ANN) for classification to
overcome the limitation of signature-based IDS. Multi-dimensional features of traffic data are
first extract using convolutional neural networks of different dimensions and then fuse into a
network traffic dataset. The heterogeneous base learners are combine and use as a classifier, and
the obtain network traffic dataset is feed to the classifier for final classification. Finally, I will
create highly secure and accurate SDN environment.

2) Machine Learning approach for Phishing Email Detection

Electronic mail (e-mail) is one of the most popular methods for online communication and data
transmission over the web because of its rapid and simple dissemination of data, cheap
distribution cost, and permanence. Despite its advantages, e-mail has several drawbacks. The
most common of these are phishing and spam emails. While both phishing emails and spam can
jam your inbox, only phishing is specifically designed to steal login passwords and other
important information. Spam is a marketing strategy that involves sending unsolicited emails to
large groups of people in order to promote products and services. A phishing email is a genuine
looking email that is intended to fool users into thinking it is a legitimate email and then either
expose sensitive information or download malicious software by clicking on malicious links
contained in the email's body. Phishing is more harmful in this aspect because it has caused
tremendous financial loss to domain users. Therefore, there is an urgent need for phishing email
detection with high accuracy. Banking information, credit reports, login data, and other sensitive
and personal information are frequently transmitted over email. This makes them valuable to
cyber criminals, who can exploit the knowledge for their own gain. In my research paper, I
propose a phishing email detection algorithm based on Support Vector Machine (SVM), K-
Nearest Neighbor (KNN), Decision Tree (DTC), Random Forest (RFC) and Gaussian Naïve
Bayes (GNB). We extracted email features by analyzing the email header structure, email body,
email Uniform Resource Locator information, and email script function features. The aim of my
research paper are:
(i) Investigate the challenge of the existing email filtration method for the purpose of
minimizing the gap caused by junk mail filtration.
(ii) Provide an effective and improved way of phishing email classification method by using
machine learning approaches.
(iii) Prevent users from opening the malicious link and responding to the attacker.
(iv) Prevent phishing emails from being sent to the intended recipient.

3) Intelligent Intrusion Detection System for WLAN using Deep

Learning Approach
In computer security, Intrusion detection Systems (IDS) are mechanism of detecting an intruder
in the system and notifying malicious activities to system administrator. Most of IDS researches
are on wired Local Area network (LAN) using KDD dataset. But the wireless IDS needs its own
research using dataset from wireless LAN. Since most of the security vulnerability features of
wireless LAN is due of its nature and they are different from wired LAN, wireless IDS needs to
be studied independently from that of wired LAN. The IDS researches on wireless LAN started
recently. Until now there are some research works like publishing Aegean Wi-Fi Intrusion
Dataset (AWID) dataset publicly for the research community and evaluating the dataset using
different machine learning algorithms. But when we see the results from the previous research
works, especially in the case on Flooding and Impersonation attacks, it is clear that wireless IDS
is not well researched and it needs further study for performance improvements.
The AWID dataset contains different data types which are numeric, string, and hexadecimals. So
before training the system and evaluation of its performance, the dataset is will preprocessed and
finally select attributes that used for system training and evaluation. Also two stage feature
selection is implement in order to reduce the training cost and improve the system performance
by selecting the minimum number of most discriminant features. The first stage is removing
duplicated attributes, which reduce the number of attributes in the dataset. The second stage will
do by applying Information Gain Ratio(IGR). Using thresholds three dataset will prepare to
experiment the relation between number of attributes in the dataset and the resulting system
performance. The main classification system is implement using Convolutional Neural
Network(CNN).