Open AccessDetection of network anomalies in log files using machine learning methods
Author(s) -
V A Skazin,
A V Pavlychev,
Sergey Sergeevich Zotov
Publication year - 2021
Publication title -
iop conference series. materials science and engineering
Language(s) - English
Resource type - Journals
eISSN - 1757-899X
pISSN - 1757-8981
DOI - 10.1088/1757-899x/1069/1/012021
Subject(s) - computer science , cluster analysis , data mining , context (archaeology) , web log analysis software , machine learning , world wide web , web page , paleontology , static web page , biology , web navigation
Detection of network anomalies plays an important role in ensuring information security and countering unauthorized access to information infrastructure, including critical facilities. Detecting of abnormal events in log files is complicated by the fact that individual events without any context may be uninformative. The growing importance of log file analysis in large computer systems requires the development of automated methods for processing unstructured data that retrieves information from large log files without human intervention. This article discusses K-means data clustering method and Isolation forest and OSVM machine learning algorithms in terms of searching network anomalies in network log files in order to detect malicious domains.