Tipo di tesi
Tesi di laurea magistrale
Titolo
Detecting network anomalies using the feature space latent representation
Corso di studi
INFORMATICA
Parole chiave
- anomaly detection
- machine learning
- network monitoring
- time series
Data inizio appello
05/03/2021
Consultabilità
Tesi non consultabile
Riassunto (Italiano)
In this thesis, unsupervised learning techniques are applied to detect unexpected events in hosts' network traffic data. We call these events anomalies and propose a technique that is not only focused on detecting security threats but can also be generalized to different network events of interest like people habits changes. Unlike recent studies, we took advantage of the latent space built by our models to characterize hosts and their behavior. Successively, anomalies are found as those events whose latent representation in the feature space greatly differs from the usual host's activity. Due to the current limitations of the publicly available datasets we were able to test our approach only to detect security threats within network activity. The comparison with publicly available unsupervised tools showed that the proposed approach improves the state of the art detection of those threats. The work also shows that exploiting the network activity latent representation can improve current network monitoring tools by reducing the data that a network administrator has to monitor.
