Lorenzo Ferretti
HTTP Request Clustering for Automated Threat Detection.
Rel. Andrea Atzeni. Politecnico di Torino, Corso di laurea magistrale in Cybersecurity, 2025
|
PDF (Tesi_di_laurea)
- Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives. Download (3MB) | Preview |
|
![[img]](https://webthesis.biblio.polito.it/secure/style/images/fileicons/application_zip.png)
|
Archive (ZIP) (Documenti_allegati)
- Altro
Licenza: Creative Commons Attribution Non-commercial No Derivatives. Download (3MB) |
| Abstract: |
This work explores session clustering to analyze web traffic, treating each session as a sequence of user requests. Using unsupervised machine learning, it aims to uncover behavioral patterns useful for identifying navigation habits, anomalies, and potential attacks. The proposed method clusters and labels web sessions using only server-side HTTP logs, relying on headers and aggregated features to distinguish between normal and malicious activities. The implementation, developed in Python using data from Elasticsearch, employs Large Language Models (LLMs) alongside manual analysis to interpret and verify the resulting clusters. |
|---|---|
| Relatori: | Andrea Atzeni |
| Anno accademico: | 2025/26 |
| Tipo di pubblicazione: | Elettronica |
| Numero di pagine: | 51 |
| Soggetti: | |
| Corso di laurea: | Corso di laurea magistrale in Cybersecurity |
| Classe di laurea: | Nuovo ordinamento > Laurea magistrale > LM-32 - INGEGNERIA INFORMATICA |
| Aziende collaboratrici: | SICURANEXT S.R.L. |
| URI: | http://webthesis.biblio.polito.it/id/eprint/38691 |
 |
Modifica (riservato agli operatori) |
Licenza Creative Commons - Attribuzione 3.0 Italia