dc.contributor.author | Sipola, Tuomo | |
dc.contributor.author | Juvonen, Antti | |
dc.contributor.author | Lehtonen, Joel | |
dc.date.accessioned | 2013-02-26T09:24:34Z | |
dc.date.available | 2013-02-26T09:24:34Z | |
dc.date.issued | 2012 | |
dc.identifier.citation | Sipola, T., Juvonen, A., & Lehtonen, J. (2012). Dimensionality reduction framework for detecting anomalies from network logs. Engineering Intelligent Systems, 20(1/2), 87-97. | |
dc.identifier.other | CONVID_21505967 | |
dc.identifier.uri | https://jyx.jyu.fi/handle/123456789/40988 | |
dc.description.abstract | Dynamic web services are vulnerable to a multitude of intrusions that could be previously unknown. Server logs contain vast amounts of information about network traffic, and finding attacks from these logs improves the security of the services. In this research features are extracted from HTTP query parameters using 2-grams. We propose a framework that uses dimensionality reduction and clustering to identify anomalous behavior. The framework detects intrusions from log data gathered from a real network service. This approach is adaptive, works on the application layer and reduces the number of log lines that need to be inspected. Furthermore, the traffic can be visualized. | fi |
dc.language.iso | eng | |
dc.publisher | CRL Publishing | |
dc.relation.ispartofseries | Engineering Intelligent Systems | |
dc.relation.uri | http://www.crlpublishing.co.uk/journal.asp?j=eis&s=Aims and Scope | |
dc.subject.other | tunkeutumisen havaitseminen | |
dc.subject.other | poikkeavuuden havaitseminen | |
dc.subject.other | n-grammit | |
dc.subject.other | diffuusiokartta | |
dc.subject.other | intrusion detection | |
dc.subject.other | anomaly detection | |
dc.subject.other | n-grams | |
dc.subject.other | diffusion map | |
dc.title | Dimensionality reduction framework for detecting anomalies from network logs | |
dc.type | research article | |
dc.identifier.urn | URN:NBN:fi:jyu-201210122663 | |
dc.contributor.laitos | Tietotekniikan laitos | fi |
dc.contributor.laitos | Department of Mathematical Information Technology | en |
dc.contributor.oppiaine | Tietotekniikka | fi |
dc.contributor.oppiaine | Mathematical Information Technology | en |
dc.type.uri | http://purl.org/eprint/type/JournalArticle | |
dc.date.updated | 2012-10-12T03:30:04Z | |
dc.type.coar | http://purl.org/coar/resource_type/c_2df8fbb1 | |
dc.description.reviewstatus | peerReviewed | |
dc.format.pagerange | 87-97 | |
dc.relation.issn | 1472-8915 | |
dc.relation.numberinseries | 1/2 | |
dc.relation.volume | 20 | |
dc.type.version | acceptedVersion | |
dc.rights.copyright | © 2012 CRL Publishing Ltd. This is an author's postprint version of an article whose final and definitive form has been published by CRL Publishing. | |
dc.rights.accesslevel | openAccess | fi |
dc.type.publication | article | |
dc.subject.yso | tiedonlouhinta | |
dc.subject.yso | koneoppiminen | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p5520 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p21846 | |
dc.type.okm | A1 | |