
EEMCS EPrints Service


Detecting outliers in web-based network traffic

Stemmer, J. (2012) Detecting outliers in web-based network traffic. Master's thesis, University of Twente.

Full text available as: PDF (2323 Kb)

Abstract

Regular anomaly detection approaches require the full network payload data or low-level access to the system. In cases where this kind of information is not available because of limited system access, encrypted data or privacy reasons, these approaches cannot be used. We present an anomaly detection technique for these cases using an outlier detection algorithm. The individual requests from a request log are grouped together to reconstruct the original sessions. These sessions form a new dataset from which anomalies can be detected using a Self-Organizing Map. We train the Self-Organizing Map with a subset of the sessions and then perform the outlier detection on the rest of the dataset. Using this approach we are able to identify several automated attacks; however, the lack of information in the individual requests makes it hard to distinguish regular user behavior from manually crafted attacks.

Item Type: Master's Thesis
Research Group: EWI-DIES: Distributed and Embedded Security
Research Program: CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Uncontrolled Keywords: Detecting, traffic
ID Code: 21951
Deposited On: 21 June 2012