We use cookies in order to improve the quality and usability of the HSE website. More information about the use of cookies is available here, and the regulations on processing personal data can be found here. By continuing to use the site, you hereby confirm that you have been informed of the use of cookies by the HSE website and agree with our rules for processing personal data. You may disable cookies in your browser settings.

  • A
  • A
  • A
  • ABC
  • ABC
  • ABC
  • А
  • А
  • А
  • А
  • А
Regular version of the site
For visually-impairedFor visually-impairedUser profile (HSE staff only)SearchMenu
HSE University

 

Have you spotted a typo?
Highlight it, click Ctrl+Enter and send us a message. Thank you for your help!

Detection of Network Anomalies by Machine Learning Methods

Student: Dmitrii Koltakov

Supervisor: Viktor Minchenkov

Faculty: HSE Tikhonov Moscow Institute of Electronics and Mathematics (HSE MIEM)

Educational Programme: Information Security (Bachelor)

Final Grade: 8

Year of Graduation: 2023

Currently, the main way to protect against network attacks, not taking into account the software elimination of vulnerabilities, is the signature method. This approach makes it possible to detect attacks based on the previously identified pattern. For protection, a set of measures is used to prevent the attack itself and distribute the load, in the case of a dos (denial of service) attack. This paper discusses and demonstrates a new approach to detecting anomalous activity in traffic: based on a deep analysis of traffic packets to determine flood attacks and payloads for NGFW systems, using classical machine learning algorithms and neural networks. It is assumed that in the future such solutions will significantly expand the ability to analyze cybersecurity events, correlating anomalies detected by the signature method and the method based on machine learning.

Full text (added May 14, 2023)

Student Theses at HSE must be completed in accordance with the University Rules and regulations specified by each educational programme.

Summaries of all theses must be published and made freely available on the HSE website.

The full text of a thesis can be published in open access on the HSE website only if the authoring student (copyright holder) agrees, or, if the thesis was written by a team of students, if all the co-authors (copyright holders) agree. After a thesis is published on the HSE website, it obtains the status of an online publication.

Student theses are objects of copyright and their use is subject to limitations in accordance with the Russian Federation’s law on intellectual property.

In the event that a thesis is quoted or otherwise used, reference to the author’s name and the source of quotation is required.

Search all student theses