Online Anomaly Detection by Using N-gram Model and Growing Hierarchical Self-Organizing Maps

被引:0
|
作者
Zolotukhin, Mikhail [1 ]
Hamalainen, Timo [1 ]
Juvonen, Antti [1 ]
机构
[1] Univ Jyvaskyla, Dept Math Informat Technol, FI-40014 Jyvvaskyla, Finland
来源
2012 8TH INTERNATIONAL WIRELESS COMMUNICATIONS AND MOBILE COMPUTING CONFERENCE (IWCMC) | 2012年
关键词
Data mining; intrusion detection; anomaly detection; n-gram; growing hierarchical self-organizing map;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
In this research, online detection of anomalous HTTP requests is carried out with Growing Hierarchical Self-Organizing Maps (GHSOMs). By applying an n-gram model to HTTP requests from network logs, feature matrices are formed. GHSOMs are then used to analyze these matrices and detect anomalous requests among new requests received by the web-server. The system proposed is self-adaptive and allows detection of online malicious attacks in the case of continuously updated web-applications. The method is tested with network logs, which include normal and intrusive requests. Almost all anomalous requests from these logs are detected while keeping the false positive rate at a very low level.
引用
收藏
页码:47 / 52
页数:6
相关论文
共 50 条
  • [31] Efficient classification using growing hierarchical self organizing maps
    Chandra, B
    Mili
    8TH WORLD MULTI-CONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL XII, PROCEEDINGS: APPLICATIONS OF CYBERNETICS AND INFORMATICS IN OPTICS, SIGNALS, SCIENCE AND ENGINEERING, 2004, : 222 - 227
  • [32] Growing Hierarchical Probabilistic Self-Organizing Graphs
    Lopez-Rubio, Ezequiel
    Jose Palomo, Esteban
    IEEE TRANSACTIONS ON NEURAL NETWORKS, 2011, 22 (07): : 997 - 1008
  • [33] Fuzzy Growing Hierarchical Self-Organizing Networks
    Barreto-Sanz, Miguel
    Perez-Uribe, Andres
    Pena-Reyes, Carlos-Andres
    Tomassini, Marco
    ARTIFICIAL NEURAL NETWORKS - ICANN 2008, PT II, 2008, 5164 : 713 - +
  • [34] Intrusion detection using Emergent Self-Organizing Maps
    Mitrokotsa, Aikaterini
    Douligeris, Christos
    ADVANCES IN ARTIFICIAL INTELLIGENCE, PROCEEDINGS, 2006, 3955 : 559 - 562
  • [35] Intrusion Detection System using Self-Organizing Maps
    Alsulaiman, Mansour M.
    Alyahya, Aasem N.
    Alkharboush, Raed A.
    Alghafis, Nasser S.
    NSS: 2009 3RD INTERNATIONAL CONFERENCE ON NETWORK AND SYSTEM SECURITY, 2009, : 397 - +
  • [36] Similar document detection using self-organizing maps
    Lensu, Anssi
    Koikkalainen, Pasi
    International Conference on Knowledge-Based Intelligent Electronic Systems, Proceedings, KES, 1999, : 174 - 177
  • [37] Uncovering hierarchical structure in data using the growing hierarchical self-organizing map
    Dittenbach, M
    Rauber, A
    Merkl, D
    NEUROCOMPUTING, 2002, 48 : 199 - 216
  • [38] Sea surface temperature patterns on the West Florida Shelf using growing hierarchical self-organizing maps
    Liu, YG
    Weisberg, RH
    He, RY
    JOURNAL OF ATMOSPHERIC AND OCEANIC TECHNOLOGY, 2006, 23 (02) : 325 - 338
  • [39] Entropy-Defined Direct Batch Growing Hierarchical Self-Organizing Mapping for Efficient Network Anomaly Detection
    Qu, Xiaofei
    Yang, Lin
    Guo, Kai
    Pan, Zhisong
    Feng, Tao
    Ren, Shuangyin
    Sun, Meng
    IEEE ACCESS, 2021, 9 : 38522 - 38530
  • [40] Fault detection using hierarchical self-organizing map
    Ge, M
    Du, R
    Xu, YS
    2003 IEEE INTERNATIONAL CONFERENCE ON ROBOTICS, INTELLIGENT SYSTEMS AND SIGNAL PROCESSING, VOLS 1 AND 2, PROCEEDINGS, 2003, : 565 - 570
12345