Knowledge Discovery from Network Logs
Abstract
Modern communications networks are complex systems, and that complexity gives malicious behaviour room to hide. Dynamic web services are exposed to previously unknown intrusions, yet traditional cyber security measures rely on fingerprinting, that is, matching traffic against signatures of attacks already seen. Anomaly detection differs from fingerprinting in that it flags events that deviate from the baseline traffic, so it does not need a signature for the attack in advance. The anomaly detection methodology can be modelled as a knowledge discovery process. Knowledge discovery is the high-level term for the whole process of deriving actionable knowledge from databases. This article presents the theory behind this approach and showcases research that has produced network log analysis tools and methods.
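To make the contrast in the abstract concrete, the following is an added illustration (not code from the chapter or its author): a small fingerprint matcher and a baseline anomaly scorer run over constructed Apache-style access log lines, organised along the usual knowledge discovery steps (selection, preprocessing, transformation, mining, interpretation). The log lines, the signature set and the two features are assumptions made for the example; the signature set is deliberately left without a UNION-based injection pattern so that one request represents an intrusion "unknown" to fingerprinting.

```python
"""Fingerprinting versus baseline anomaly detection over web-server access logs.

Added example, not the chapter's own code. Log lines are constructed, the
signature set is deliberately incomplete, and the two features (request length
and the share of non-alphanumeric characters) are a minimal choice for illustration.
"""
import re
import statistics
from urllib.parse import unquote

# Constructed "historical" traffic used to learn the baseline (assumed benign).
BASELINE_LOG = """\
10.0.0.1 - - [01/Jan/2015:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 1043
10.0.0.2 - - [01/Jan/2015:10:00:02 +0000] "GET /about.html HTTP/1.1" 200 2211
10.0.0.3 - - [01/Jan/2015:10:00:03 +0000] "GET /products?id=12 HTTP/1.1" 200 3390
10.0.0.4 - - [01/Jan/2015:10:00:04 +0000] "GET /products?id=7 HTTP/1.1" 200 3377
10.0.0.5 - - [01/Jan/2015:10:00:05 +0000] "POST /login HTTP/1.1" 302 0
10.0.0.6 - - [01/Jan/2015:10:00:06 +0000] "GET /static/app.js HTTP/1.1" 200 51200
10.0.0.7 - - [01/Jan/2015:10:00:07 +0000] "GET /products?id=42 HTTP/1.1" 200 3401
10.0.0.8 - - [01/Jan/2015:10:00:08 +0000] "GET /contact.html HTTP/1.1" 200 1802
"""

# Constructed "new" traffic to be scored: one benign request, two attacks the
# signature set knows, and one UNION-based injection it has never seen.
NEW_LOG = """\
10.0.0.9 - - [01/Jan/2015:11:00:01 +0000] "GET /products?id=9 HTTP/1.1" 200 3388
10.0.0.10 - - [01/Jan/2015:11:00:02 +0000] "GET /products?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9120
10.0.0.11 - - [01/Jan/2015:11:00:03 +0000] "GET /../../etc/passwd HTTP/1.1" 404 210
10.0.0.12 - - [01/Jan/2015:11:00:04 +0000] "GET /products?id=%27%20UNION%20SELECT%20a%2Cb%2Cc%2Cd%2Ce%2Cf%2Cg%2Ch%20FROM%20users%20WHERE%20%27x%27%3D%27x HTTP/1.1" 500 0
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+)$'
)

# Assumed fingerprint set. It is intentionally small: UNION-based SQL injection
# is absent, standing in for an intrusion the signatures do not yet cover.
SIGNATURES = {
    "sqli-tautology": re.compile(r"'\s*or\s*'", re.IGNORECASE),
    "path-traversal": re.compile(r"\.\./"),
    "xss": re.compile(r"<script", re.IGNORECASE),
}

FEATURE_NAMES = ("length", "nonalnum_ratio")


def parse(log):
    """Selection and preprocessing: raw lines -> structured records with a decoded target."""
    records = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if m:  # lines that do not match the format are dropped, not guessed at
            rec = m.groupdict()
            rec["decoded"] = unquote(rec["target"])
            records.append(rec)
    return records


def features(rec):
    """Transformation: a record -> numeric features the miner can compare."""
    s = rec["decoded"]
    nonalnum = sum(1 for c in s if not c.isalnum())
    return {"length": len(s), "nonalnum_ratio": nonalnum / len(s)}


def fingerprint(rec):
    """Signature matching on the decoded target; returns the names of matching patterns."""
    return [name for name, rx in SIGNATURES.items() if rx.search(rec["decoded"])]


def fit_baseline(records):
    """Learn per-feature mean and population standard deviation from baseline traffic."""
    cols = {k: [features(r)[k] for r in records] for k in FEATURE_NAMES}
    return {k: (statistics.mean(v), statistics.pstdev(v)) for k, v in cols.items()}


def anomaly_score(rec, baseline):
    """Mining: largest absolute z-score of the record's features against the baseline."""
    f = features(rec)
    zs = []
    for k, (mu, sigma) in baseline.items():
        sigma = sigma or 1e-9  # a constant feature would otherwise divide by zero
        zs.append(abs(f[k] - mu) / sigma)
    return max(zs)


def analyse(baseline_log, new_log, threshold=3.0):
    """Interpretation step input: per request, signature hits, anomaly score and verdict."""
    baseline = fit_baseline(parse(baseline_log))
    results = []
    for rec in parse(new_log):
        score = anomaly_score(rec, baseline)
        results.append({
            "ip": rec["ip"],
            "target": rec["decoded"],
            "signatures": fingerprint(rec),
            "score": round(score, 2),
            "anomalous": score > threshold,
        })
    return results


if __name__ == "__main__":
    for r in analyse(BASELINE_LOG, NEW_LOG):
        print(f'{r["ip"]:10} sig={r["signatures"] or "-"} z={r["score"]:6.2f} '
              f'anomalous={r["anomalous"]} {r["target"]}')
```

In this run the tautology and traversal requests are caught both ways, while the UNION request has no matching signature and is flagged only because its length and character mix sit far outside the learned baseline. The caveats are the ones the chapter's framing implies: the baseline has to be learned from traffic that is trusted to be benign, the threshold must be tuned against the false-positive rate on real volumes, and an anomaly is a deviation to be interpreted by an analyst, not a confirmed attack.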
Format
Books
Book part
Published
2015
Publisher
Springer International Publishing
The permanent address of the publication
https://urn.fi/URN:NBN:fi:jyu-202011236715
Parent publication ISBN
978-3-319-18301-5
Review status
Peer reviewed
ISSN
2213-8986
DOI
https://doi.org/10.1007/978-3-319-18302-2_12
Language
English
Published in
Intelligent Systems, Control and Automation: Science and Engineering
Is part of publication
Cyber Security: Analytics, Technology and Automation
Citation
- Sipola, T. (2015). Knowledge Discovery from Network Logs. In M. Lehto, & P. Neittaanmäki (Eds.), Cyber Security: Analytics, Technology and Automation (pp. 195-203). Springer International Publishing. Intelligent Systems, Control and Automation: Science and Engineering, 78. https://doi.org/10.1007/978-3-319-18302-2_12
Copyright © 2015 Springer