In this paper, we present a novel system to detect abnormal behaviour of computer network users based on features of web pages which were requested by a user (e.g. URL address, URL category, the day of week or time when the web page was visited). There are many causes of an abnormal behaviour of network users e.g. a computer can be infected by a virus or a Trojan, a stranger can take control of a computer system, etc. Thus, the proposed system can be a very important security mechanism in networks. The system can be also used to make personal user profiles. We use the bag-of-words model to analyse the text data from firewall logs from 63 users collected over a one and half month period. The 500 GB of the network traffic meta-data allowed to achieve satisfactory classification accuracy.
CITATION STYLE
Nowak, J., Korytkowski, M., Nowicki, R., Scherer, R., & Siwocha, A. (2018). Random forests for profiling computer network users. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10842 LNAI, pp. 734–739). Springer Verlag. https://doi.org/10.1007/978-3-319-91262-2_64
Mendeley helps you to discover research relevant for your work.