Network anomaly detection in the Microsoft Windows system logs using machine learning methods

Download article in PDF format

Authors: Pavlychev A. V., Soldatov K. S., Skazin V. A.

Annotation: An algorithm for network anomaly detection in the system security logs of the Microsoft Windows operating system with using machine learning methods was developed. Preprocessing, clustering, and visualization of the studied data were carried out. The proposed algorithm has confirmed its efficiency by identifying events in the studied dataset that indicate the operation of a malicious software.

Keywords: cybersecurity audit, windows system journals, machine learning, clusterization, network anomaly

Editorial office address

Executive Secretary of the Editor’s Office

 Editor’s Office: 40 Lenina Prospect, Tomsk, 634050, Russia

  Phone / Fax: + 7 (3822) 701-582

  journal@tusur.ru

 

Viktor N. Maslennikov

Executive Secretary of the Editor’s Office

 Editor’s Office: 40 Lenina Prospect, Tomsk, 634050, Russia

  Phone / Fax: + 7 (3822) 51-21-21 / 51-43-02

  vnmas@tusur.ru

Subscription for updates