Knowledge Discovery from Network Logs
Year of publication
2015
Authors
Sipola, Tuomo
Abstract
Modern communications networks are complex systems, which facilitates malicious behavior. Dynamic web services are vulnerable to unknown intrusions, but traditional cyber security measures are based on fingerprinting. Anomaly detection differs from fingerprinting in that it finds events that differ from the baseline traffic. The anomaly detection methodology can be modelled with the knowledge discovery process. Knowledge discovery is a high-level term for the whole process of deriving actionable knowledge from databases. This article presents the theory behind this approach, and showcases research that has produced network log analysis tools and methods.
Organizations and authors
University of Jyväskylä
Sipola Tuomo
Publication type
Publication format
Article
Parent publication type
Compilation
Article type
Other article
Audience
Scientific
Peer-reviewed
Peer-Reviewed
MINEDU's publication type classification code
A3 Book section, Chapters in research books
Publication channel information
Parent publication name
Publisher
Pages
195-203
ISSN
ISBN
Publication forum
Publication forum level
2
Open access
Open access in the publisher’s service
No
Self-archived
Yes
Other information
Fields of science
Computer and information sciences
Keywords
Publication country
Netherlands
Internationality of the publisher
International
Language
English
International co-publication
No
Co-publication with a company
No
DOI
10.1007/978-3-319-18302-2_12
The publication is included in the Ministry of Education and Culture’s Publication data collection
Yes