University of Twente Student Theses
Detecting Exploit kits using Machine Learning
Jagannatha, P. (2016) Detecting Exploit kits using Machine Learning.
Abstract: | The job of a security analyst is often similar to the task of finding a needle in a haystack when the clock is ticking. It is not about having the knowledge of computing and networking on a level of how it functions, but it is about finding something that is present underneath the covers. A security analyst has to go through a lot of data manually to learn about or identify a security incident. However, it is not only time-consuming, but also difficult to perform a thorough analysis of large data manually. This work focuses on providing an efficient methodology for a two-layer detection scheme, which is not only lightweight but also effective in attack detection and clustering. This research project has developed a new approach for the automatic detection of a network security incident, namely Exploit kits in this work. This research uses machine learning to detect Exploit kits with the help of supervised and unsupervised learning approaches. The feature selection based on information gain allows the data itself to explain the importance of individual features for the detection. This helps human experts avoid tedious manual feature selection. |
Item Type: | Essay (Master) |
Clients: | FOX-IT, Delft, Netherlands |
Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
Subject: | 54 computer science |
Programme: | Computer Science MSc (60300) |
Link to this item: | https://purl.utwente.nl/essays/71416 |