Anomaly Detection using Generative Adversarial Networks on Firewall Log Message Data
Date Issued
01-07-2021
Author(s)
Kulyadi, Sandeep Pai
Mohandas, Pavitra
Kumar, Sudesh Kumar Santhosh
Raman, M. J. Shankar
Vasan, V. S.
Abstract
Firewalls produce a lot of log messages while logging internet traffic through the system that they are protecting. This is a huge amount of data that can be used to find various insights. One of these insights is knowing whether a malware attack has taken place. We treat this sequence of log messages as time series data. In this paper, we propose a Generative Adversarial Network (GAN) model based on Recurrent Neural Networks (RNN) that learns the normal behavior of the firewall, the complex spatio-temporal correlations in the data. We then apply anomaly detection techniques to detect an anomaly that can potentially be malware.