Online Anomaly Detection by Using N-gram Model and Growing Hierarchical Self-Organizing Maps

被引：0

作者：

Zolotukhin, Mikhail ^{[1
]}

Hamalainen, Timo ^{[1
]}

Juvonen, Antti ^{[1
]}

机构：

[1] Univ Jyvaskyla, Dept Math Informat Technol, FI-40014 Jyvvaskyla, Finland

来源：

2012 8TH INTERNATIONAL WIRELESS COMMUNICATIONS AND MOBILE COMPUTING CONFERENCE (IWCMC) | 2012年

关键词：

Data mining; intrusion detection; anomaly detection; n-gram; growing hierarchical self-organizing map;

D O I：

暂无

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

In this research, online detection of anomalous HTTP requests is carried out with Growing Hierarchical Self-Organizing Maps (GHSOMs). By applying an n-gram model to HTTP requests from network logs, feature matrices are formed. GHSOMs are then used to analyze these matrices and detect anomalous requests among new requests received by the web-server. The system proposed is self-adaptive and allows detection of online malicious attacks in the case of continuously updated web-applications. The method is tested with network logs, which include normal and intrusive requests. Almost all anomalous requests from these logs are detected while keeping the false positive rate at a very low level.

引用

页码：47 / 52

页数：6

共 50 条

[21] A clustering method using hierarchical self-organizing maps
Endo, M
Ueno, M
Tanabe, T
JOURNAL OF VLSI SIGNAL PROCESSING SYSTEMS FOR SIGNAL IMAGE AND VIDEO TECHNOLOGY, 2002, 32 (1-2): : 105 - 118
[22] A Clustering Method Using Hierarchical Self-Organizing Maps
Masahiro Endo
Masahiro Ueno
Takaya Tanabe
Journal of VLSI signal processing systems for signal, image and video technology, 2002, 32 : 105 - 118
[23] The growing hierarchical self-organizing map
Dittenbach, M
Merkl, D
Rauber, A
IJCNN 2000: PROCEEDINGS OF THE IEEE-INNS-ENNS INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS, VOL VI, 2000, : 15 - 19
[24] Novelty detection using Self-Organizing Maps
Ypma, A
Duin, RPW
PROGRESS IN CONNECTIONIST-BASED INFORMATION SYSTEMS, VOLS 1 AND 2, 1998, : 1322 - 1325
[25] A Causal Model Using Self-Organizing Maps
Chung, Younjin
Takatsuka, Masahiro
NEURAL INFORMATION PROCESSING, PT II, 2015, 9490 : 591 - 600
[26] An Anomaly Detection Algorithm of Cloud Platform Based on Self-Organizing Maps
Liu, Jun
Chen, Shuyu
Zhou, Zhen
Wu, Tianshu
MATHEMATICAL PROBLEMS IN ENGINEERING, 2016, 2016
[27] Image retrieval using hierarchical self-organizing feature maps
Sethi, IK
Coman, I
PATTERN RECOGNITION LETTERS, 1999, 20 (11-13) : 1337 - 1345
[28] Fault recognition using growing hierarchical self-organizing map
State Key Laboratory of Digital Manufacturing Equipment and Technology, Huazhong University of Science and Technology, Wuhan 430074, China
不详
Huazhong Ligong Daxue Xuebao, 2008, 7 (105-107): : 105 - 107
[29] Growing Hierarchical Self-Organizing Map Using Category Utility
Murakoshi, Kazushi
Fujikawa, Satoshi
INTERNATIONAL JOURNAL OF SOFTWARE ENGINEERING AND KNOWLEDGE ENGINEERING, 2016, 26 (02) : 217 - 237
[30] Organizing and visualizing software repositories using the growing hierarchical self-organizing map
Tangsripairoj, S
Samadzadeh, MH
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, 2006, 22 (02) : 283 - 295

← 1 2 3 4 5 →