University of Twente Student Theses
Detecting outliers in web-based network traffic
Stemmer, Joel (2012) Detecting outliers in web-based network traffic.
Abstract: | Regular anomaly detection approaches require the full network payload data or low-level access to the system. In cases where this kind of information is not available because of limited system access, encrypted data or privacy reasons, these approaches cannot be used. We present an anomaly detection technique for these cases using an outlier detection algorithm. The individual requests from a request log are grouped together to reconstruct the original sessions. These sessions form a new dataset from which anomalies can be detected using a Self-Organizing Map. We train the Self-Organizing Map with a subset of the sessions and then perform the outlier detection on the rest of the dataset. Using this approach we are able to identify several automated attacks; however, the lack of information in the individual requests makes it hard to distinguish regular user behavior from manually crafted attacks. |
Item Type: | Essay (Master) |
Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
Subject: | 54 computer science |
Programme: | Computer Science MSc (60300) |
Link to this item: | https://purl.utwente.nl/essays/61640 |