Anomaly detection from network logs using diffusion maps

Sipola, Tuomo; Juvonen, Antti; Lehtonen, Joel 2012-06-05T09:10:09Z 2012-06-05T09:10:09Z 2011
dc.identifier.citation Sipola, T., Juvonen, A., & Lehtonen, J. (2011). Anomaly detection from network logs using diffusion maps. In L. Iliadis, & C. Jayne (Eds.), Engineering Applications of Neural Networks (pp. 172-181). IFIP Advances in Information and Communication Technology (363). Boston: Springer. doi:10.1007/978-3-642-23957-1_20 fi
dc.identifier.isbn 978-3-642-23956-4
dc.identifier.issn 1868-4238
dc.identifier.other TUTKAID_46410
dc.description.abstract The goal of this study is to detect anomalous queries from network logs using a dimensionality reduction framework. The frequencies of 2-grams in queries are extracted to a feature matrix. Dimensionality reduction is done by applying diffusion maps. The method is adaptive and thus does not need training before analysis. We tested the method with data that includes normal and intrusive traffic to a web server. This approach finds all intrusions in the dataset.
dc.language.iso eng
dc.publisher Springer
dc.relation.ispartof Engineering Applications of Neural Networks
dc.relation.ispartofseries IFIP Advances in Information and Communication Technology
dc.rights openAccess fi
dc.rights © Springer. This is an electronic final draft version of an article whose final and definitive form has been published by Springer.
dc.subject.other hyökkäyksen havaitseminen fi
dc.subject.other poikkeavuuden havaitseminen fi
dc.subject.other n-grammit fi
dc.subject.other diffuusiokartta fi
dc.subject.other tiedonlouhinta fi
dc.subject.other koneoppiminen fi
dc.subject.other intrusion detection fi
dc.subject.other anomaly detection fi
dc.subject.other n-grams fi
dc.subject.other diffusion map fi
dc.subject.other data mining fi
dc.subject.other machine learning fi
dc.title Anomaly detection from network logs using diffusion maps
dc.type Conference paper
dc.identifier.urn URN:NBN:fi:jyu-201206051800
dc.subject.kota 111, 112, 113
dc.contributor.laitos Tietotekniikan laitos
dc.contributor.oppiaine tietotekniikka fi
jyx.tutka.pagetopage 172-181
dc.identifier.doi 10.1007/978-3-642-23957-1_20 2012-06-05T03:30:05Z
dc.description.version Final Draft
dc.type.coar conference paper
dc.description.reviewstatus peerReviewed
dc.format.pagerange 172-181
dc.relation.issn 1868-4238
dc.type.version acceptedVersion
dc.rights.accesslevel openAccess