RESEARCH PRODUCT
A Methodology to Detect Temporal Regularities in User Behavior for Anomaly Detection
Alexandr Seleznyov
subject
Class (computer programming); User profile; Network security; business.industry; Anomaly-based intrusion detection system; Computer science; Intrusion detection system; computer.software_genre; Misuse detection; Data analysis; Anomaly detection; Data mining; business; computer
description
Network security, and intrusion detection in particular, represents an area of increased interest in the security community over the last several years. However, the majority of work in this area has been concentrated upon implementation of misuse detection systems for monitoring intrusion patterns in network traffic. In anomaly detection, classification has mainly been based on statistical or sequential analysis of data, often neglecting temporal events' information as well as the existing relations between them. In this paper we consider the anomaly detection problem as one of classification of user behavior in terms of incoming multiple discrete sequences. We present an approach that allows creating and maintaining user behavior profiles relying not only on sequential information but also taking into account temporal features, such as events' lengths and possible relations between them. We define a user profile as a number of predefined classes of actions with accumulated statistics for every class, and a matrix of possible relations between classes.
year | journal | country | edition | language |
---|---|---|---|---|
2001-01-01 | | | | |