Student Work

Cyber Security Network Anomaly Detection and Visualization

Public

Downloadable Content

open in viewer

This MQP presents a novel anomaly detection system for computer network traffic, as well as a visualization system to help users explore the results of the anomaly detection. The detection algorithm uses a novel approach to Robust Principal Component Analysis, to produce a lower dimensional subspace of the original data, for which a random forest can be applied to predict anomalies. The visualization system has been designed to help cyber security analysts sort anomalies by attribute and view them in the context of normal network activity. The system consists of an overview of firewall logs, a detail view of each log, and a feature view where an analyst can see which features of the firewall log were implicated in the anomaly detection algorithm.

  • This report represents the work of one or more WPI undergraduate students submitted to the faculty as evidence of completion of a degree requirement. WPI routinely publishes these reports on its website without editorial or peer review.
Creator
Publisher
Identifier
  • E-project-042717-145046
Advisor
Year
  • 2017
Date created
  • 2017-04-27
Resource type
Major
Rights statement
Last modified
  • 2021-02-01

Relations

In Collection:

Items

Items

Permanent link to this page: https://digital.wpi.edu/show/g732db59c