Abstract:
This thesis focuses on the behavioral analysis of log data for anomaly detection and
clustering in the field of cybersecurity. The objective is to obtain insights into patterns,
anomalies, and potential threats present in Sonatrach’s logs. Various algorithms, including
K-means, DBSCAN, GMM, and Isolation Forest, were evaluated and compared in terms
of their performance in detecting anomalies and clustering the data. The results showed
that while K-means performed poorly, DBSCAN, GMM, and Isolation Forest exhibited
different levels of sensitivity and performance. The findings provide valuable insights for
improving anomaly detection and threat analysis in cybersecurity.
Keywords: anomaly detection, behavioral analysis, clustering, preprocessing, machine learning.