Classification of logs using Machine Learning Technique
Currently, the use of information technologies is growing very fast in both private and public companies. This is a worldwide trend: it is increasingly necessary for computers, printers, servers, cameras, etc. to be interconnected with each other and with the Internet in order to make company processes more effective and productive. Furthermore, the new trend of the Internet of Things (IoT) is accelerating this interconnection. Unfortunately, this trend is exposed to cyber-attacks that become more sophisticated and developed all the time. Even worse, detecting these attacks by analyzing the logs of the security devices is more complicated still, because of the enormous number of logs generated per minute. This is a challenging activity in the Security Operation Center (SOC). In this work, the use of a new emerging machine learning technology has been analyzed in order to find out whether it can be applied to help predict new cyber-attacks. Two sources of public logs have been used to test the software. Furthermore, a new framework for the normalization and correlation processes has been designed. This process is explained in detail, and some images of the software used are shown. Finally, some simulations have been carried out in software dedicated to ML, using separate sets of data for training and testing.
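As an added illustration of the pipeline the abstract outlines (normalize logs from two sources into one schema, derive features, train on one set and evaluate on a separate one), the following Python example is not code from the thesis and does not reproduce its framework or the ML software it used. The two log formats, the sample lines, their benign/suspicious labels and the stdlib Naive Bayes classifier are all constructed assumptions for this example; a real SOC deployment would swap in its own parsers, labelled data and model.

```python
"""Normalize two constructed log formats into one event schema, derive
categorical features, and classify events with a stdlib Naive Bayes model
that is trained and evaluated on separate sets (added example, not thesis code)."""
import re
from collections import Counter, defaultdict
from math import log

# Source A (constructed): firewall text lines, e.g.
#   2024-01-01T10:00:00 fw: ALLOW 10.0.0.5:51234 -> 10.0.0.20:443
FW_RE = re.compile(
    r"^(?P<ts>\S+) fw: (?P<action>ALLOW|DENY) "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$")
# Source B (constructed): key=value lines from a sensor, e.g.
#   ts=2024-01-01T10:00:02 act=allow sip=10.0.0.9 dip=10.0.0.21 dpt=443
KV_RE = re.compile(r"(\w+)=(\S+)")


def normalize(line):
    """Map a raw line from either source to a common event dict (None if unparseable)."""
    m = FW_RE.match(line)
    if m:
        return {"action": m["action"].lower(), "src": m["src"],
                "dst": m["dst"], "dport": int(m["dport"])}
    kv = dict(KV_RE.findall(line))
    if all(k in kv for k in ("act", "sip", "dip", "dpt")) and kv["dpt"].isdigit():
        return {"action": kv["act"].lower(), "src": kv["sip"],
                "dst": kv["dip"], "dport": int(kv["dpt"])}
    return None


def features(event):
    """Turn a normalized event into discrete tokens the classifier can count.
    The 10.0.0.0/8 'internal' rule and the port buckets are assumptions."""
    src = "internal" if event["src"].startswith("10.") else "external"
    p = event["dport"]
    bucket = "well_known" if p < 1024 else ("registered" if p < 49152 else "ephemeral")
    return [f"action={event['action']}", f"src={src}", f"port={bucket}", f"dport={p}"]


class NaiveBayes:
    """Multinomial Naive Bayes with Laplace smoothing over token lists."""

    def __init__(self):
        self.class_counts = Counter()
        self.tok_counts = defaultdict(Counter)
        self.vocab = set()

    def fit(self, samples):
        for toks, label in samples:          # samples: iterable of (tokens, label)
            self.class_counts[label] += 1
            self.tok_counts[label].update(toks)
            self.vocab.update(toks)

    def predict(self, toks):
        total = sum(self.class_counts.values())
        best, best_lp = None, float("-inf")
        for label, n in self.class_counts.items():
            lp = log(n / total)              # class prior
            denom = sum(self.tok_counts[label].values()) + len(self.vocab)
            for t in toks:                   # unseen tokens get count 0 + 1
                lp += log((self.tok_counts[label][t] + 1) / denom)
            if lp > best_lp:
                best, best_lp = label, lp
        return best


# Constructed, hand-labelled lines; training and test sets are kept separate.
TRAIN = [
    ("2024-01-01T10:00:00 fw: ALLOW 10.0.0.5:51234 -> 10.0.0.20:443", "benign"),
    ("2024-01-01T10:00:01 fw: ALLOW 10.0.0.7:51235 -> 10.0.0.20:80", "benign"),
    ("ts=2024-01-01T10:00:02 act=allow sip=10.0.0.9 dip=10.0.0.21 dpt=443", "benign"),
    ("ts=2024-01-01T10:00:03 act=allow sip=10.0.0.11 dip=10.0.0.22 dpt=8080", "benign"),
    ("2024-01-01T10:00:05 fw: DENY 203.0.113.4:40001 -> 10.0.0.20:22", "suspicious"),
    ("2024-01-01T10:00:06 fw: DENY 203.0.113.4:40002 -> 10.0.0.20:3389", "suspicious"),
    ("ts=2024-01-01T10:00:07 act=deny sip=198.51.100.8 dip=10.0.0.20 dpt=23", "suspicious"),
    ("ts=2024-01-01T10:00:08 act=deny sip=198.51.100.8 dip=10.0.0.21 dpt=445", "suspicious"),
]
TEST = [
    ("2024-01-01T11:00:00 fw: ALLOW 10.0.0.8:52000 -> 10.0.0.20:443", "benign"),
    ("ts=2024-01-01T11:00:01 act=deny sip=203.0.113.9 dip=10.0.0.20 dpt=22", "suspicious"),
    ("2024-01-01T11:00:02 fw: DENY 192.0.2.77:41000 -> 10.0.0.20:5900", "suspicious"),
    ("ts=2024-01-01T11:00:03 act=allow sip=10.0.0.12 dip=10.0.0.20 dpt=53", "benign"),
]


def train_model(rows=TRAIN):
    model = NaiveBayes()
    model.fit((features(normalize(line)), label) for line, label in rows)
    return model


def classify(model, line):
    event = normalize(line)
    return None if event is None else model.predict(features(event))


def evaluate(model, rows=TEST):
    """Accuracy of the model on a held-out labelled set."""
    hits = sum(classify(model, line) == label for line, label in rows)
    return hits / len(rows)


if __name__ == "__main__":
    m = train_model()
    for line, label in TEST:
        print(f"{classify(m, line):<10} (expected {label})  {line}")
    print("accuracy:", evaluate(m))
```

The two regexes stand in for the normalization stage, `features` for the correlation-ready schema, and the strict train/test separation mirrors the abstract's evaluation setup; the model itself is a placeholder for whatever ML software the thesis used.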