Tesi etd-01262021-175243 |
Link copiato negli appunti
Tipo di tesi
Tesi di laurea magistrale
Autore
SABELLA, SAMUELE
URN
etd-01262021-175243
Titolo
Detecting network anomalies using the feature space latent representation
Dipartimento
INFORMATICA
Corso di studi
INFORMATICA
Relatori
relatore Prof. Deri, Luca
relatore Prof. Attardi, Giuseppe
relatore Prof. Attardi, Giuseppe
Parole chiave
- anomaly detection
- machine learning
- network monitoring
- time series
Data inizio appello
05/03/2021
Consultabilità
Tesi non consultabile
Riassunto
In this thesis, unsupervised learning techniques are applied to detect unexpected events in hosts' network traffic data. We call these events anomalies and propose a technique that is not only focused on detecting security threats but can also be generalized to different network events of interest like people habits changes. Unlike recent studies, we took advantage of the latent space built by our models to characterize hosts and their behavior. Successively, anomalies are found as those events whose latent representation in the feature space greatly differs from the usual host's activity. Due to the current limitations of the publicly available datasets we were able to test our approach only to detect security threats within network activity. The comparison with publicly available unsupervised tools showed that the proposed approach improves the state of the art detection of those threats. The work also shows that exploiting the network activity latent representation can improve current network monitoring tools by reducing the data that a network administrator has to monitor.
File
Nome file | Dimensione |
---|---|
Tesi non consultabile. |