Current computer systems are more connected than ever. Consequently, they are far more vulnerable to malicious attacks and breaches. Logs can indicate any critical event that occurred in any system, but the enormous volume of log files generated daily makes it impracticable for humans to monitor every possible incident. This project aims to overcome this challenge by deploying machine learning algorithms to detect anomalies and various patterns in computer systems and networks. As a first step, we surveyed the state-of-the-art approaches. We identified rule-based log analysis as a suitable technique to extract meaningful information from the massive volume of logs. Using the obtained dataset, we started exploring machine learning algorithms to detect anomalous patterns in the data. Considerable work is still ahead. In future work, we aim to compare the efficacy of various machine learning algorithms and develop a system prototype based on the best-performing methods.
Pekár Adrián
2021-07-15
Támogató: QUADRON Kibervédelmi Kft.