Detecting Temporal and Spatial Anomalies in Users’ Activities for Security Provisioning in Computer Networks
Abstract
The paper summarizes a doctoral thesis that focuses on two new approaches for detecting anomalies in computer networks based on network flows. The approaches use incremental hierarchical clustering algorithms and monitor changes in the clustering data structures to detect anomalies. Both approaches achieved prediction performance comparable to state-of-the-art supervised approaches (F1 score over 0.90), even though our approaches see every data point only once and then discard it, and operate without a prerequisite learning phase on labeled data.
DOI: https://doi.org/10.31449/inf.v47i2.4933
License
Authors retain copyright in their work. By submitting to and publishing with Informatica, authors grant the publisher (Slovene Society Informatika) the non-exclusive right to publish, reproduce, and distribute the article and to identify itself as the original publisher.
All articles are published under the Creative Commons Attribution license CC BY 3.0. Under this license, others may share and adapt the work for any purpose, provided appropriate credit is given and changes (if any) are indicated.
Authors may deposit and share the submitted version, accepted manuscript, and published version, provided the original publication in Informatica is properly cited.







