Study of Machine Learning Methods for Automatic Detection of Virus Activity in Computer Systems

Student: Vlasova Alina

Faculty: HSE Tikhonov Moscow Institute of Electronics and Mathematics (MIEM HSE)

Educational Programme: Computer Systems and Networks (Master)

Final Grade: 9

Year of Graduation: 2018

The current research focused on the analysis of machine learning methods for automatic detection of virus activity in computing systems. In this paper, we compared seven methods to detect malicious activity: Naive Bayes, Support Vector Machines, k-nearest neighbors algorithm, Random Forest, Neural Network, XGBoost, and Catboost. At the first part, these methods were checked on a sample of traffic from the study kdd cup` 99. This large sample with marking was compiled by experts and used in many studies. At the second part, the same methods were tested on the new sample of traffic collected specially for this study. Experiment results are presented in the current paper. Additionally, the result analysis for the methods tested is presented.

Full text (added May 27, 2018)

Student Theses at HSE must be completed in accordance with the University Rules and regulations specified by each educational programme.

Summaries of all theses must be published and made freely available on the HSE website.

The full text of a thesis can be published in open access on the HSE website only if the authoring student (copyright holder) agrees, or, if the thesis was written by a team of students, if all the co-authors (copyright holders) agree. After a thesis is published on the HSE website, it obtains the status of an online publication.

Student theses are objects of copyright and their use is subject to limitations in accordance with the Russian Federation’s law on intellectual property.

In the event that a thesis is quoted or otherwise used, reference to the author’s name and the source of quotation is required.

Search all student theses