Detecting Temporal and Spatial Anomalies in Users’ Activities for Security Provisioning in Computer Networks

Aleks Huč

Abstract


The paper summarizes a doctoral thesis that focuses on two new approaches for detecting anomalies in computer networks based on network flows. The approaches use incremental hierarchical clustering algorithms and monitor changes in the data structures to detect anomalies. Both approaches achieved prediction performance comparable to state-of-the-art supervised approaches (F1 score over 0.90), even though our approaches see every data point only once and then discard it, and operate without a prerequisite learning phase with labeled data.



DOI: https://doi.org/10.31449/inf.v47i2.4933

This work is licensed under a Creative Commons Attribution 3.0 License.