Online Anomaly Detection by Using N-gram Model and Growing Hierarchical Self-Organizing Maps

被引:0
|
作者
Zolotukhin, Mikhail [1 ]
Hamalainen, Timo [1 ]
Juvonen, Antti [1 ]
机构
[1] Univ Jyvaskyla, Dept Math Informat Technol, FI-40014 Jyvvaskyla, Finland
来源
2012 8TH INTERNATIONAL WIRELESS COMMUNICATIONS AND MOBILE COMPUTING CONFERENCE (IWCMC) | 2012年
关键词
Data mining; intrusion detection; anomaly detection; n-gram; growing hierarchical self-organizing map;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
In this research, online detection of anomalous HTTP requests is carried out with Growing Hierarchical Self-Organizing Maps (GHSOMs). By applying an n-gram model to HTTP requests from network logs, feature matrices are formed. GHSOMs are then used to analyze these matrices and detect anomalous requests among new requests received by the web-server. The system proposed is self-adaptive and allows detection of online malicious attacks in the case of continuously updated web-applications. The method is tested with network logs, which include normal and intrusive requests. Almost all anomalous requests from these logs are detected while keeping the false positive rate at a very low level.
引用
收藏
页码:47 / 52
页数:6
相关论文
共 50 条
  • [1] Self-Organizing n-gram Model for Automatic Word Spacing
    Park, Seong-Bae
    Tae, Yoon-Shik
    Park, Se-Young
    COLING/ACL 2006, VOLS 1 AND 2, PROCEEDINGS OF THE CONFERENCE, 2006, : 633 - 640
  • [2] Network Security Using Growing Hierarchical Self-Organizing Maps
    Palomo, E. J.
    Dominguez, E.
    Luque, R. M.
    Munoz, J.
    ADAPTIVE AND NATURAL COMPUTING ALGORITHMS, 2009, 5495 : 130 - 139
  • [3] Growing Hierarchical Self-organizing Maps and Statistical Distribution Models for Online Detection of Web Attacks
    Zolotukhin, Mikhail
    Hamalainen, Timo
    Juvonen, Antti
    WEB INFORMATION SYSTEMS AND TECHNOLOGIES, WEBIST 2012, 2013, 140 : 281 - 295
  • [4] Distributed Representation of n-gram Statistics for Boosting Self-organizing Maps with Hyperdimensional Computing
    Kleyko, Denis
    Osipov, Evgeny
    De Silva, Daswin
    Wiklund, Urban
    Vyatkin, Valeriy
    Alahakoon, Damminda
    PERSPECTIVES OF SYSTEM INFORMATICS (PSI 2019), 2019, 11964 : 64 - 79
  • [5] Using self-organizing maps for anomaly detection in hyperspectral imagery
    Penn, BS
    2002 IEEE AEROSPACE CONFERENCE PROCEEDINGS, VOLS 1-7, 2002, : 1531 - 1535
  • [6] Growing hierarchical self-organizing maps for Web mining
    Herbert, Joseph P.
    Yao, JingTao
    PROCEEDINGS OF THE IEEE/WIC/ACM INTERNATIONAL CONFERENCE ON WEB INTELLIGENCE: WI 2007, 2007, : 299 - 302
  • [7] Mining multilingual texts using growing hierarchical self-organizing maps
    Yang, Hsin-Chang
    Chen, Ding-Wen
    Lee, Chung-Hong
    PROCEEDINGS OF 2007 INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND CYBERNETICS, VOLS 1-7, 2007, : 2263 - +
  • [8] Action Recognition Online with Hierarchical Self-Organizing Maps
    Gharaee, Zahra
    Gardenfors, Peter
    Johnsson, Magnus
    2016 12TH INTERNATIONAL CONFERENCE ON SIGNAL-IMAGE TECHNOLOGY & INTERNET-BASED SYSTEMS (SITIS), 2016, : 538 - 544
  • [9] Network Anomaly Detection with Bayesian Self-Organizing Maps
    de la Hoz Franco, Emiro
    Ortiz Garcia, Andres
    Ortega Lopera, Julio
    de la Hoz Correa, Eduardo
    Prieto Espinosa, Alberto
    ADVANCES IN COMPUTATIONAL INTELLIGENCE, PT I, 2013, 7902 : 530 - +
  • [10] Image Compression based on Growing Hierarchical Self-Organizing Maps
    Palomo, E. J.
    Dominguez, E.
    2011 INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS (IJCNN), 2011, : 1624 - 1628
12345