Automated Computer Attacks Detection in University Environment

Lukáš Švarc, Pavel Strnad

Issue: 1/2021
Journal: Acta Informatica Pragensia
DOI: 10.18267/j.aip.147

Keywords: Anomaly detection, Machine learning, Automated attacks, University environment

Abstract: Since the massive expansion of the Internet into the commercial world, the security of computer systems has become a priority. Other areas, such as national governments, hospitals, and university systems, are also seeing increased use of the Internet. All these systems contain highly sensitive information. In an effort to increase the security of internal data, we propose a novel method for the detection of automated computer attacks. This method was tested on a custom dataset prepared from the logs of the university information system at Prague University of Economics and Business. Two datasets were used. The first dataset contained only simple attacks, while the second one comprised advanced attacks. The compiled and anonymized datasets were uploaded to the BigML framework, where K-means, Isolation Forest and Logistic Regression algorithms were used in order to validate the proposed novel method. Our results showed that the proposed method is viable in cases where the attack volume is high and the time spacing between the actions is similar, which was verified on both tested datasets. It reached a detection rate of 93.57% on the simple attacks dataset and 95.37% on the advanced attacks dataset. These detection rates are similar to those of other algorithms used in the commercial environment. Based on this project, the proposed method can be implemented into the university information system in order to prevent these types of attacks in the future.