Network anomaly detection in the Microsoft Windows system logs using machine learning methods
Download article in PDF format
Authors: Pavlychev A. V., Soldatov K. S., Skazin V. A.
Annotation: An algorithm for network anomaly detection in the system security logs of the Microsoft Windows operating system with using machine learning methods was developed. Preprocessing, clustering, and visualization of the studied data were carried out. The proposed algorithm has confirmed its efficiency by identifying events in the studied dataset that indicate the operation of a malicious software.
Keywords: cybersecurity audit, windows system journals, machine learning, clusterization, network anomaly