BEGIN:VCALENDAR
VERSION:2.0
X-WR-CALNAME:EventsCalendar
PRODID:-//hacksw/handcal//NONSGML v1.0//EN
CALSCALE:GREGORIAN
BEGIN:VTIMEZONE
TZID:America/New_York
LAST-MODIFIED:20240422T053451Z
TZURL:https://www.tzurl.org/zoneinfo-outlook/America/New_York
X-LIC-LOCATION:America/New_York
BEGIN:DAYLIGHT
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
DTSTART:19700308T020000
RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU
END:DAYLIGHT
BEGIN:STANDARD
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
DTSTART:19701101T020000
RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
CATEGORIES:College of Engineering,Thesis/Dissertations
DESCRIPTION:Thesis Advisor: Gokhan Kul, Department of Computer and Information Science Committee Members: Ashokkumar Patel, Department of Computer and Information Science Adnan El-Nasan, Department of Computer and Information Science Abstract: Zero-day cyberattacks pose a major challenge to traditional Intrusion Detection Systems (IDS) because previously unseen attacks are not represented in training data and are often misclassified. While recent open-set recognition methods can identify unknown traffic, they typically provide limited insight into the nature of detected anomalies. This thesis presents a unified framework for open-set intrusion detection and semantic analysis of unknown network traffic by integrating deep learning, reinforcement learning, and large language models (LLMs). The proposed approach uses a Convolutional Neural Network (CNN) to learn traffic representations and a Deep Q-Network (DQN) to distinguish known from unknown traffic using uncertainty-based metrics without manually defined thresholds. An LLM reasoning module is selectively applied to traffic identified as unknown to generate interpretable behavioral explanations. Experiments on the CICIDS-2017 and UNSW-NB15 datasets demonstrate that the CNN-DQN framework achieves a binary F1-score of 97.83% for known-versus-unknown traffic classification while effectively identifying previously unseen attacks. The LLM-assisted analysis further provides meaningful behavioral interpretations of suspicious network activity, improving the explainability of intrusion detection outcomes. The proposed framework contributes to the development of adaptive and explainable intrusion detection systems capable of identifying and interpreting emerging cyber threats, supporting faster incident response and enhanced cybersecurity decision-making. For further information please contact Dr. Gokhan Kul at gkul@umassd.edu\nEvent page: https://www.umassd.edu/events/cms/7-2-26-open-set-intrusion-detectionsemantic-analysis-of-0-day-network-attacks.php\nEvent link: https://teams.microsoft.com/meet/258262216614270?p=5gSDREaPiTObpT1eqG
X-ALT-DESC;FMTTYPE=text/html:


Thesis Advisor: Gokhan Kul\, Department of Computer and Information Science


Committee Members:


Abstract:


Zero-day cyberattacks pose a major challenge to traditional Intrusion Detection Systems (IDS) because previously unseen attacks are not represented in training data and are often misclassified. While recent open-set recognition methods can identify unknown traffic\, they typically provide limited insight into the nature of detected anomalies. This thesis presents a unified framework for open-set intrusion detection and semantic analysis of unknown network traffic by integrating deep learning\, reinforcement learning\, and large language models (LLMs). The proposed approach uses a Convolutional Neural Network (CNN) to learn traffic representations and a Deep Q-Network (DQN) to distinguish known from unknown traffic using uncertainty-based metrics without manually defined thresholds. An LLM reasoning module is selectively applied to traffic identified as unknown to generate interpretable behavioral explanations. Experiments on the CICIDS-2017 and UNSW-NB15 datasets demonstrate that the CNN-DQN framework achieves a binary F1-score of 97.83% for known-versus-unknown traffic classification while effectively identifying previously unseen attacks. The LLM-assisted analysis further provides meaningful behavioral interpretations of suspicious network activity\, improving the explainability of intrusion detection outcomes. The proposed framework contributes to the development of adaptive and explainable intrusion detection systems capable of identifying and interpreting emerging cyber threats\, supporting faster incident response and enhanced cybersecurity decision-making.


For further information please contact Dr. Gokhan Kul at gkul@umassd.edu

Event page: /events/cms/7-2-26-open-set-intrusion-detectionsemantic-analysis-of-0-day-network-attacks.php
Event link: https://teams.microsoft.com/meet/258262216614270?p=5gSDREaPiTObpT1eqG

DTSTAMP:20260610T104832
DTSTART;TZID=America/New_York:20260702T123000
DTEND;TZID=America/New_York:20260702T133000
LOCATION:Zoom - Online
SUMMARY;LANGUAGE=en-us:Open-Set Intrusion Detection and Semantic Analysis of Zero-Day Network Attacks Using Deep Reinforcement Learning and Large Language Models
UID:0cf8d650cc1f9a6c27afe61317c8a500@www.umassd.edu
END:VEVENT
END:VCALENDAR