Random Forests for Profiling Computer Network Users

  • Jakub Nowak
  • Marcin Korytkowski
  • Robert Nowicki
  • Rafał SchererEmail author
  • Agnieszka Siwocha
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10842)


In this paper, we present a novel system to detect abnormal behaviour of computer network users based on features of web pages which were requested by a user (e.g. URL address, URL category, the day of week or time when the web page was visited). There are many causes of an abnormal behaviour of network users e.g. a computer can be infected by a virus or a Trojan, a stranger can take control of a computer system, etc. Thus, the proposed system can be a very important security mechanism in networks. The system can be also used to make personal user profiles. We use the bag-of-words model to analyse the text data from firewall logs from 63 users collected over a one and half month period. The 500 GB of the network traffic meta-data allowed to achieve satisfactory classification accuracy.



The research presented in this paper was performed within a project number RPLD.01.02.02-10-0108/17, financed by the Regional Operational Programme for Łódzkie Voivodeship 2014–2020.


  1. 1.
    Aupy, A., Clarke, N.: User authentication by service utilisation profiling. In: Proceedings of the ISOneWorld 2005, Las Vegas, USA (2005)Google Scholar
  2. 2.
    Bologna, G., Hayashi, Y.: Characterization of symbolic rules embedded in deep dimlp networks: a challenge to transparency of deep learning. J. Artif. Intell. Soft Comput. Res. 7(4), 265–286 (2017)CrossRefGoogle Scholar
  3. 3.
    Breiman, L.: Random forests. Mach. Learn. 45(1), 5–32 (2001)CrossRefGoogle Scholar
  4. 4.
    Chang, O., Constante, P., Gordon, A., Singana, M.: A novel deep neural network that uses space-time features for tracking and recognizing a moving object. J. Artif. Intell. Soft Comput. Res. 7(2), 125–136 (2017)CrossRefGoogle Scholar
  5. 5.
    Clarke, N., Li, F., Furnell, S.: A novel privacy preserving user identification approach for network traffic. Comput. Secur. 70, 335–350 (2017)CrossRefGoogle Scholar
  6. 6.
    Jordanov, I., Petrov, N., Petrozziello, A.: Classifiers accuracy improvement based on missing data imputation. J. Artif. Intell. Soft Comput. Res. 8(1), 31–48 (2018)CrossRefGoogle Scholar
  7. 7.
    Ke, Y., Hagiwara, M.: An English neural network that learns texts, finds hidden knowledge, and answers questions. J. Artif. Intell. Soft Comput. Res. 7(4), 229–242 (2017)CrossRefGoogle Scholar
  8. 8.
    Marszalek, Z., Wozniak, M., Borowik, G., Wazirali, R., Napoli, C., Pappalardo, G., Tramontana, E.: Benchmark tests on improved merge for big data processing. In: 2015 Asia-Pacific Conference on Computer Aided System Engineering, pp. 96–101, July 2015Google Scholar
  9. 9.
    McTear, M., Callejas, Z., Griol, D.: The Conversational Interface. Springer, Cham (2016). Scholar
  10. 10.
    Minemoto, T., Isokawa, T., Nishimura, H., Matsui, N.: Pseudo-orthogonalization of memory patterns for complex-valued and quaternionic associative memories. J. Artif. Intell. Soft Comput. Res. 7(4), 257–264 (2017)CrossRefGoogle Scholar
  11. 11.
    Salton, G., Buckley, C.: Term-weighting approaches in automatic text retrieval. Inf. Process. Manag. 24(5), 513–523 (1988)CrossRefGoogle Scholar
  12. 12.
    Yan, P.: Mapreduce and semantics enabled event detection using social media. J. Artif. Intell. Soft Comput. Res. 7(3), 201–213 (2017)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Jakub Nowak
    • 1
  • Marcin Korytkowski
    • 1
    • 2
  • Robert Nowicki
    • 1
  • Rafał Scherer
    • 1
    • 3
    Email author
  • Agnieszka Siwocha
    • 4
    • 5
  1. 1.Computer Vision and Data Mining Lab, Institute of Computational IntelligenceCzȩstochowa University of TechnologyCzȩstochowaPoland
  2. 2.Intigo Sp. z o.o.ŁódźPoland
  3. 3.Passus S.A.WarsawPoland
  4. 4.Information Technology InstituteUniversity of Social SciencesŁódźPoland
  5. 5.Clark UniversityWorcesterUSA

Personalised recommendations