• Anomaly Detection
• Clustering
• Deep Auto-Encoder
• Intrusion Detection System
• Latent Representation
• Maritime Cloud

The detection of anomalous events is critical to maintaining the reliability and security of services that run in a private cloud environment. Over the years, ports have adopted advanced technologies to facilitate their operations. With the huge advantages this adoption brings to the maritime industry, it also introduces new attack surfaces to the operations of the port. Anomaly detection methodologies have been employed to be able to detect known attacks. However, they are not able to keep up with the fast-changing domain of cyber attacks, as unseen attacks are being deployed at a rate that traditional anomaly detection tools cannot keep up with. This thesis aims to extend the current ICT prototyping framework for the “Port of the Future” (MONICA) to include a dedicated security module and to propose a misbehaviour detection algorithm using deep learning techniques to detect known and novel attacks.
The methodology implored in this thesis includes a theoretical examination of HDBSCAN Deep Nested Clustering Auto Encoders (HD-DNCAE), exploration, and preprocessing of network data obtained from a private cloud offering maritime services, as well as benchmark network data used in anomaly detection. Subsequently, I modified the DNCAE algorithm to be able to detect novelties without predefining the number of clusters and provide an optimal Area under the Curve (AUC) score.