6533b853fe1ef96bd12abf49

RESEARCH PRODUCT

Learning Temporal Regularities of User Behavior for Anomaly Detection

Oleksiy MazhelisSeppo PuuronenAlexandr Seleznyov

subject

Network securitybusiness.industryComputer scienceAnomaly detectionArtificial intelligenceIntrusion detection systemData miningAnomaly (physics)businesscomputer.software_genrecomputer

description

Fast expansion of inexpensive computers and computer networks has dramatically increased number of computer security incidents during last years. While quite many computer systems are still vulnerable to numerous attacks, intrusion detection has become vitally important as a response to constantly increasing number of threats. In this paper we discuss an approach to discover temporal and sequential regularities in user behavior. We present an algorithm that allows creating and maintaining user profiles relying not only on sequential information but taking into account temporal features, such as events' lengths and possible temporal relations between them. The constructed profiles represent peculiarities of users' behavior and used to decide whether a behavior of a certain user is normal or abnormal.

yearjournalcountryeditionlanguage
2001-01-01
https://doi.org/10.1007/3-540-45116-1_16