Implementation of Machine Learning Method for the Detection and Prevention of Attack in Supervised Network

DOI: 10.4236/oalib.1108000

Subject Areas: Information and communication theory and algorithms, Information and Communication: Security, Privacy, and Trust, Computer and Network Security

Keywords: Big Data, Log Files, Machine Learning, Network Security, Supervised Network

The sustainability of a company depends on the permanent availability of its information system. This reality influences the behavior of companies, which are becoming increasingly mature in their investments in information system security, an absolutely vital element. Using the “SYSLOG” service to centralize, on a SYSLOG server, the network event logs sent by printers, servers, routers, firewalls, IDS and IPS is a perfect example of network optimization. This work consists of setting up a machine learning algorithm for the detection and prevention of attacks. We are interested, on the one hand, in the problems encountered with the SYSLOG service and, on the other hand, in the problems encountered during the detection and prevention of anomalies in the SYSLOG service. To ensure an optimal level of security within the network according to the specified criteria, we first analyze the log files present on the server, then perform attack detection based on an automatic machine learning algorithm that uses the signature and historical behavior of the different attacks. As a result, it becomes possible to generate real-time alerts on malfunctions, to monitor in real time the use of an application (number of users, functions used, etc.), and to identify the origin of incidents occurring in applications.

Kenfack, P. D. B., Mbakop, F. K. and Eyong-Ebai, E. (2021). Implementation of Machine Learning Method for the Detection and Prevention of Attack in Supervised Network.


