Tero Kokkonen

Learn More
Attacks against web servers and web-based applications remain a serious global network security threat. Attackers are able to compromise web services, collect confidential information from web data bases, interrupt or completely paralyze web servers. In this study, we consider the analysis of HTTP logs for the detection of network intrusions. First, a(More)
In this study, we apply an anomaly-based approach to analyze traffic flows transferred over a network to detect the flows related to different types of attacks. Based on the information extracted from network flows a model of normal user behavior is discovered with the help of several clustering techniques. This model is then used to detect anomalies within(More)
  • 1