loading
Documents

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Mikhail Zolotukhin ; Timo Hämäläinen and Antti Juvonen

Affiliation: University of Jyväskylä, Finland

ISBN: 978-989-8565-08-2

Keyword(s): Intrusion Detection, Anomaly Detection, N-gram, Growing Hierarchical Self Organising Map, Data Mining.

Related Ontology Subjects/Areas/Topics: Artificial Intelligence ; Data Mining ; Databases and Information Systems Integration ; Enterprise Information Systems ; Internet Technology ; Sensor Networks ; Signal Processing ; Soft Computing ; Web Information Systems and Technologies ; Web Security and Privacy

Abstract: In modern networks HTTP clients request and send information using queries. Such queris are easy to manipulate to include malicious attacks which can allow attackers to corrupt a server or collect confidential information. In this study, the approach based on self-organizing maps is considered to detect such attacks. Feature matrices are obtained by applying n-gram model to extract features from HTTP requests contained in network logs. By learning on basis of these matrices, growing hierarchical self-organizing maps are constructed and by using these maps new requests received by the web-server are classified. The technique proposed allows to detect online HTTP attacks in the case of continuous updated web-applications. The algorithm proposed was tested using Logs, which were aquire acquired from a large real-life web-service and include normal and intrusive requests. As a result, almost all attacks from these logs have been detected, and the number of false alarms was very low at the same time. (More)

PDF ImageFull Text

Download
Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.212.93.234

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Zolotukhin M., Hämäläinen T. and Juvonen A. (2012). GROWING HIERARCHICAL SELF-ORGANISING MAPS FOR ONLINE ANOMALY DETECTION BY USING NETWORK LOGS.In Proceedings of the 8th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-8565-08-2, pages 633-642. DOI: 10.5220/0003936606330642

@conference{webist12,
author={Mikhail Zolotukhin and Timo Hämäläinen and Antti Juvonen},
title={GROWING HIERARCHICAL SELF-ORGANISING MAPS FOR ONLINE ANOMALY DETECTION BY USING NETWORK LOGS},
booktitle={Proceedings of the 8th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2012},
pages={633-642},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003936606330642},
isbn={978-989-8565-08-2},
}

TY - CONF

JO - Proceedings of the 8th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - GROWING HIERARCHICAL SELF-ORGANISING MAPS FOR ONLINE ANOMALY DETECTION BY USING NETWORK LOGS
SN - 978-989-8565-08-2
AU - Zolotukhin M.
AU - Hämäläinen T.
AU - Juvonen A.
PY - 2012
SP - 633
EP - 642
DO - 10.5220/0003936606330642

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.