NORMA eResearch @NCI Library

Efficient log analysis using advanced detection and filtering techniques

Sharma, Suyash (2019) Efficient log analysis using advanced detection and filtering techniques. Masters thesis, Dublin, National College of Ireland.


Abstract

Digital crimes are increasing exponentially, and anyone in possession of even a simple digital device can facilitate a cyber attack. As the adoption of digital technologies and devices grows, it will be of utmost importance for digital investigators to develop a well-thought-out strategy to analyze the raw binary data obtained from digital media. Log analysis provides a useful way of supporting alerting, monitoring, security and compliance, auditing, incident response and forensic investigations. The research aims at developing an efficient log parsing module based on machine learning to detect anomalies in data. The Isolation Forest algorithm and outlier detection methods are employed in the log parsing module to find anomalous transactions in this case. This approach increases fraud detection rates and minimizes false alarm rates. Isolation Forest was found to be highly efficient in terms of accuracy and can thus be used in digital investigations to detect fraudulent transactions and anomalies.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science

Q Science > QA Mathematics > Computer software
T Technology > T Technology (General) > Information Technology > Computer software

Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: CAOIMHE NI MHAICIN
Date Deposited: 15 Oct 2019 11:10
Last Modified: 15 Oct 2019 11:10
URI: http://trap.ncirl.ie/id/eprint/3894
