Show simple item record

dc.contributor.authorJuvonen, Antti
dc.contributor.authorHämäläinen, Timo
dc.date.accessioned2014-08-04T10:19:21Z
dc.date.available2014-08-04T10:19:21Z
dc.date.issued2014fi
dc.identifier.citationJuvonen, A., & Hämäläinen, T. (2014). An Efficient Network Log Anomaly Detection System using Random Projection Dimensionality Reduction. In M. Badra, & O. Alfandi (Eds.), <em>2014 6th International Conference on New Technologies, Mobility and Security (NTMS) : Proceedings of NTMS'2014 Conference and Workshops</em>. IEEE. <a href="http://dx.doi.org/10.1109/NTMS.2014.6814006">doi:10.1109/NTMS.2014.6814006</a>fi
dc.identifier.otherTUTKAID_61606
dc.identifier.urihttps://jyx.jyu.fi/handle/123456789/43932
dc.description.abstractNetwork traffic is increasing all the time and network services are becoming more complex and vulnerable. To protect these networks, intrusion detection systems are used. Signature-based intrusion detection cannot find previously unknown attacks, which is why anomaly detection is needed. However, many new systems are slow and complicated. We propose a log anomaly detection framework which aims to facilitate quick anomaly detection and also provide visualizations of the network traffic structure. The system preprocesses network logs into a numerical data matrix, reduces the dimensionality of this matrix using random projection and uses Mahalanobis distance to find outliers and calculate an anomaly score for each data point. Log lines that are too different are flagged as anomalies. The system is tested with real-world network data, and actual intrusion attempts are found. In addition, visualizations are created to represent the structure of the network data. We also perform computational time evaluation to ensure the performance is feasible. The system is fast, finds real intrusion attempts and does not need clean training data.fi
dc.language.isoeng
dc.publisherIEEE
dc.relation.ispartof6th International Conference on New Technologies, Mobility and Security (NTMS) : Proceedings of NTMS'2014 Conference and Workshops. Edited by Badra, & O. Alfandi. 2014 IEEE. ISNB 978-1-4799-3223-8.
dc.subject.otherintrusion detectionfi
dc.subject.otherdata miningfi
dc.subject.othermachine learningfi
dc.subject.otherrandom projectionfi
dc.subject.othermahalanobis distancefi
dc.titleAn Efficient Network Log Anomaly Detection System using Random Projection Dimensionality Reductionfi
dc.identifier.urnURN:NBN:fi:jyu-201406252141
dc.contributor.laitosTietotekniikan laitosfi
dc.contributor.laitosDepartment of Mathematical Information Technologyen
dc.contributor.oppiaineTietotekniikka
jyx.tutka.ksname2014 6th International Conference on New Technologies, Mobility and Security (NTMS) : Proceedings of NTMS'2014 Conference and Workshops
dc.type.urihttp://purl.org/eprint/type/ConferencePaper
dc.date.updated2014-06-25T03:30:04Z
dc.type.coarconference paper
dc.description.reviewstatuspeerReviewed
dc.type.versionacceptedVersion
dc.rights.copyright© IEEE. This is the authors’ postprint version of the article. The original print version is available online at http://ieeexplore. ieee.org/stamp/stamp.jsp?tp=&arnumber=6814006&isnumber=6813963
dc.rights.accesslevelopenAccessfi
dc.relation.doi10.1109/NTMS.2014.6814006


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record