Using affinity perturbations to detect web traffic anomalies
Abstract
The initial training phase of machine learning algorithms
is usually computationally expensive as it involves the
processing of huge matrices. Evolving datasets are challenging
from this point of view because changing behavior requires
updating the training. We propose a method for updating the
training profile efficiently and a sliding window algorithm for
online processing of the data in smaller fractions. This assumes
the data is modeled by a kernel method that includes spectral
decomposition. We demonstrate the algorithm with a web server
request log where an actual intrusion attack is known to
happen. Updating the kernel dynamically using a sliding window
technique, prevents the problem of single initial training and can
process evolving datasets more efficiently.
Main Authors
Format
Conferences
Conference paper
Published
2013
Subjects
Publication in research information system
Publisher
EURASIP
Original source
http://www.eurasip.org/Proceedings/Ext/SampTA2013/proceedings.html
The permanent address of the publication
https://urn.fi/URN:NBN:fi:jyu-201402051189Use this for linking
Review status
Peer reviewed
Conference
International Conference on Sampling Theory and Applications
Language
English
Is part of publication
Proceedings of the 10th International Conference on Sampling Theory and Applications (SampTA 2013)
Citation
- Shmueli, Y., Sipola, T., Shabat, G., & Averbuch, A. (2013). Using affinity perturbations to detect web traffic anomalies. In W. Henkel (Ed.), Proceedings of the 10th International Conference on Sampling Theory and Applications (SampTA 2013) (pp. 444-447). EURASIP. http://www.eurasip.org/Proceedings/Ext/SampTA2013/proceedings.html
License
Copyright© 2013 EURASIP. First published in the proceedings of SampTA 2013 by EURASIP.