Security has become a main concern in corporate networks. In order to keep a network protected it is necessary to periodically perform security tests to control devices and services, and also identify possible vulnerabilities. Never two networks behave the same way; thus, results obtained from security tests may substantially differ from one to another. In this case, trying to manually find a behavior pattern for all networks becomes a difficult task. Unsupervised techniques can help security analysts finding certain devices patterns, and also help revealing hidden problems in network security. This paper proposes a solution based on unsupervised techniques to help security analysts handling all the information obtained from security tests in order to detect abnormal groups of devices or atypical system behaviors.
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
Tel.: +1 703 830 6300
Fax: +1 703 830 2300 email@example.com
(Corporate matters and books only) IOS Press c/o Accucoms US, Inc.
For North America Sales and Customer Service
West Point Commons
Lansdale PA 19446
Tel.: +1 866 855 8967
Fax: +1 215 660 5042 firstname.lastname@example.org