1,094 Hits in 6.5 sec

History-based Anomaly Detector: an Adversarial Approach to Anomaly Detection [article]

Pierrick Chatillon, Coloma Ballester
2020 | arXiv | pre-print
In this article, we propose a simple yet new adversarial method to tackle this problem, denoted as History-based anomaly detector (HistoryAD).  ...  Latest proposed methods rely on Generative Adversarial Networks (GANs) to estimate the normal data distribution, and produce an anomaly score prediction for any given data.  ...  In the anomaly detection context, several approaches tackle it using autoencoders [13] or GANs [41, 49, 8, 39, 17, 1, 21, 33] (we refer to [28] for a summary of those GAN-based anomaly detection  ... 
arXiv:1912.11843v2 (https://arxiv.org/abs/1912.11843v2) | fatcat:oqyfsloyujfpletkcrc6db2fzq (https://fatcat.wiki/release/oqyfsloyujfpletkcrc6db2fzq)

UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats [article]

Xueyuan Han, Thomas Pasquier, Adam Bates, James Mickens, Margo Seltzer
2020 | arXiv | pre-print
We present UNICORN, an anomaly-based APT detector that effectively leverages data provenance analysis.  ...  UNICORN further improves its detection capability using a novel modeling approach to understand long-term behavior as the system evolves.  ...  We introduce UNICORN, a provenance-based anomaly detector capable of detecting APTs.  ... 
arXiv:2001.01525v1 (https://arxiv.org/abs/2001.01525v1) | fatcat:cljlsnrtsfamhlhtnzptydwd6i (https://fatcat.wiki/release/cljlsnrtsfamhlhtnzptydwd6i)

Setting the threshold for high throughput detectors: A mathematical approach for ensembles of dynamic, heterogeneous, probabilistic anomaly detectors [article]

Robert A. Bridges, Jessie D. Jamieson, Joel W. Reed
2017 | arXiv | pre-print
Anomaly detection (AD) has garnered ample attention in security research, as such algorithms complement existing signature-based methods but promise detection of never-before-seen attacks.  ...  Further, we demonstrate on the real network data and detection framework of Harshaw et al. the alternative case, showing how the inability to regulate alerts indicates the detection model is a bad fit  ...  Quite simply, an all-knowing adversary with the capability to increase at the time of attack, can force the threshold to zero, to mask otherwise alerted events.  ... 
arXiv:1710.09422v1 (https://arxiv.org/abs/1710.09422v1) | fatcat:u7gfabnzfbe45limiongnf2wt4 (https://fatcat.wiki/release/u7gfabnzfbe45limiongnf2wt4)

Context-aware Anomaly Detector for Monitoring Cyber Attacks on Automotive CAN Bus

Harsha Kumara Kalutarage, M. Omar Al-Kadri, Madeline Cheah, Garikayi Madzudzo
2019 | ACM Computer Science in Cars Symposium on - CSCS '19 | ACM Press
ACKNOWLEDGMENTS This work has been funded by XYZ grant ID XYZ, we are excited to work on this challenging piece of research.  ...  Inspecting alerts generated by an anomaly detector is not sufficient to identify the cause.  ...  The simple approach to anomaly detection is to define a region representing expected values and declare any observation lies outside that region as an anomaly [13].  ... 
doi:10.1145/3359999.3360496 (https://doi.org/10.1145/3359999.3360496) | dblp:conf/cscs2/KalutarageACM19 (https://dblp.org/rec/conf/cscs2/KalutarageACM19.html) | fatcat:ka4uwlq2wvgevplxjo34e7h2nq (https://fatcat.wiki/release/ka4uwlq2wvgevplxjo34e7h2nq)

Enhancing Robustness Against Adversarial Examples in Network Intrusion Detection Systems [article]

Mohammad J. Hashemi, Eric Keller
2020 | arXiv | pre-print
setting compared to other recently proposed anomaly detectors.  ...  Because of the inability to detect zero-day attacks, signature-based NIDS which were traditionally used for detecting malicious traffic are beginning to get replaced by anomaly-based NIDS built on neural  ...  function to detect anomalies in an unsupervised manner.  ... 
arXiv:2008.03677v1 (https://arxiv.org/abs/2008.03677v1) | fatcat:iqe5vd4vzjayho44ciub6rckaa (https://fatcat.wiki/release/iqe5vd4vzjayho44ciub6rckaa)

Characterization of Model-Based Detectors for CPS Sensor Faults/Attacks [article]

Carlos Murguia, Justin Ruths
2017 | arXiv | pre-print
We quantify the advantage of using a dynamic detector (CUSUM), which leverages the history of the state, over a static detector (chi-squared) which uses a single measurement at a time.  ...  We use the widely-used chi-squared fault/attack detection procedure as a benchmark to compare the performance of the CUSUM.  ...  CHI-SQUARED TUNING The CUSUM approach to fault/attack detection offers a compelling alternative to the more popular chi-squared detector.  ... 
arXiv:1710.04407v1 (https://arxiv.org/abs/1710.04407v1) | fatcat:4hjlppqfrvdnfl27b657hh5hm4 (https://fatcat.wiki/release/4hjlppqfrvdnfl27b657hh5hm4)

Detecting malicious logins as graph anomalies [article]

Brian A. Powell
2020 | arXiv | pre-print
In this work a behavior-based approach to detecting malicious logins to novel systems indicative of lateral movement is presented, in which a user's historical login activity is used to build a model of  ...  Authenticated lateral movement via compromised accounts is a common adversarial maneuver that is challenging to discover with signature- or rules-based intrusion detection systems.  ...  Therefore, in comparison to basic detectors based solely on novelty, this approach alerts on significantly fewer logins.  ... 
arXiv:1909.09047v2 (https://arxiv.org/abs/1909.09047v2) | fatcat:u57kbqlswvhszgix4t3542esni (https://fatcat.wiki/release/u57kbqlswvhszgix4t3542esni)

Sequential Adversarial Anomaly Detection for One-Class Event Data [article]

Shixiang Zhu, Henry Shaowu Yuchi, Minghe Zhang, Yao Xie
2021 | arXiv | pre-print
We consider the sequential anomaly detection problem in the one-class setting when only the anomalous sequences are available and propose an adversarial sequential detector by solving a minimax problem  ...  to find an optimal detector against the worst-case sequences from a generator.  ...  (2) The one-class data situation requires an unsupervised approach for anomaly detection. However, most sequential anomaly detection algorithms are based on supervised learning.  ... 
arXiv:1910.09161v4 (https://arxiv.org/abs/1910.09161v4) | fatcat:bqxyk2olvvhghhy7aia2tbuvqq (https://fatcat.wiki/release/bqxyk2olvvhghhy7aia2tbuvqq)

Anomaly Detection and Mitigation for Disaster Area Networks [chapter]

Jordi Cucurull, Mikael Asplund, Simin Nadjm-Tehrani
2010 | Lecture Notes in Computer Science | Springer Berlin Heidelberg
Our approach builds on a learning based anomaly detection technique that uses only normal data in the learning phase.  ...  In the IC-MANET context anomaly detection is a suitable approach to intrusion detection while misuse detection is less appropriate.  ...  Since MANET are usually operated by resource constrained devices a statistical-based approach has been selected as an anomaly detector since it has a smaller footprint than other techniques.  ... 
doi:10.1007/978-3-642-15512-3_18 (https://doi.org/10.1007/978-3-642-15512-3_18) | fatcat:s7g3wjm57zhnhoymbtz3q5iv3a (https://fatcat.wiki/release/s7g3wjm57zhnhoymbtz3q5iv3a)

A survey of intrusion detection in wireless network applications

Robert Mitchell, Ing-Ray Chen
2014 | Computer Communications | Elsevier BV
Our approach is to classify existing contemporary wireless intrusion detection system (IDS) techniques based on target wireless network, detection technique, collection process, trust model and analysis  ...  In order to identify gaps and propose research directions in wireless network intrusion detection research, we survey the literature of this area.  ...  They combine the EFSA approach to intrusion detection with an anomaly based IDS that uses unsupervised machine learning.  ... 
doi:10.1016/j.comcom.2014.01.012 (https://doi.org/10.1016/j.comcom.2014.01.012) | fatcat:24cujhgddrfppnbrtqy4u7xvm4 (https://fatcat.wiki/release/24cujhgddrfppnbrtqy4u7xvm4)

Should I Raise The Red Flag? A comprehensive survey of anomaly scoring methods toward mitigating false alarms [article]

Zahra Zohrevand, Uwe Glässer
2020 | arXiv | pre-print
Nowadays, advanced intrusion detection systems (IDSs) rely on a combination of anomaly detection and signature-based methods.  ...  There are two major categories of false alarm-mitigation strategies: (1) methods that are customized to enhance the quality of anomaly scoring; (2) approaches acting as filtering methods in contexts that  ...  INTRODUCTION In adversarial settings, cybersecurity systems like intrusion detection systems or insider threat detectors routinely process enormous volumes of heterogeneous log data needed to perform detection  ... 
arXiv:1904.06646v2 (https://arxiv.org/abs/1904.06646v2) | fatcat:s767u2atk5cu5fw3rt72mqnh7a (https://fatcat.wiki/release/s767u2atk5cu5fw3rt72mqnh7a)

Exploring anomaly detection in systems of systems

Tommaso Zoppi, Andrea Ceccarelli, Andrea Bondavalli
2017 | Proceedings of the Symposium on Applied Computing - SAC '17 | ACM Press
Ultimately, we propose an approach to design a monitoring and anomaly detection framework for SoSs aggregating i) monitoring approaches ii) SoS properties, and iii) anomaly detection techniques.  ...  CCS Concepts • Security and privacy ➝ Intrusion/anomaly detection and malware • Security and privacy ➝ Distributed systems security • Computer systems organization ➝ Peer-to-peer architectures • Computer  ...  based on anomaly detection.  ... 
doi:10.1145/3019612.3019765 (https://doi.org/10.1145/3019612.3019765) | dblp:conf/sac/ZoppiCB17 (https://dblp.org/rec/conf/sac/ZoppiCB17.html) | fatcat:7fnpeykcsbcqxiok4ctkx4mheq (https://fatcat.wiki/release/7fnpeykcsbcqxiok4ctkx4mheq)

Survey on Keyed IDS and Key Recovery Attacks

2015 | International Journal of Science and Research (IJSR)
With the anomaly detection systems, many approaches and techniques have been developed to track novel attacks on the systems.  ...  Anomaly detection systems based on predefine rules and algorithms; it's difficult to define all rules. To overcome this problem various machine learning schemes have been introduced.  ...  IDS come in a variety of "flavors" and approach the goal of detecting suspicious traffic in different ways. There are network based (NIDS) and host based (HIDS) intrusion detection systems.  ... 
doi:10.21275/v4i12.nov151993 (https://doi.org/10.21275/v4i12.nov151993) | fatcat:rfsh7wuqoffrfp5xlozwjumvsu (https://fatcat.wiki/release/rfsh7wuqoffrfp5xlozwjumvsu)

Proactive Insider Threat Detection through Graph Learning and Psychological Context

Oliver Brdiczka, Juan Liu, Bob Price, Jianqiang Shen, Akshay Patil, Richard Chow, Eugene Bart, Nicolas Ducheneaut
2012 | 2012 IEEE Symposium on Security and Privacy Workshops | IEEE
This paper proposes an approach that combines Structural Anomaly Detection (SA) from social and information networks and Psychological Profiling (PP) of individuals.  ...  SA uses technologies including graph analysis, dynamic tracking, and machine learning to detect structural anomalies in large-scale information network data, while PP constructs dynamic psychological profiles  ...  like to thank GLAD-PC team members Elise Weaver and Paul Sticha of HumRRO for help in understanding the psychology of adversarial insiders.  ... 
doi:10.1109/spw.2012.29 (https://doi.org/10.1109/spw.2012.29) | dblp:conf/sp/BrdiczkaLPSPCBD12 (https://dblp.org/rec/conf/sp/BrdiczkaLPSPCBD12.html) | fatcat:4uszlerbizco5kiylzw3varm2e (https://fatcat.wiki/release/4uszlerbizco5kiylzw3varm2e)

Exploring Information Centrality for Intrusion Detection in Large Networks [article]

Nidhi Rastogi
2020 | arXiv | pre-print
Information Centrality (IC) labels network nodes with better vantage points for detecting network-based anomalies as central nodes and uses them for detecting a category of attacks called systemic attacks  ...  Hence, there is a need to propose novel approaches that address the big data problem in security.  ...  Detection We deploy a machine learning based anomaly detector and uses it across all nodes in the networks.  ... 
arXiv:1904.12138v2 (https://arxiv.org/abs/1904.12138v2) | fatcat:fuvf4w5nb5gthbpjg52n2luzwq (https://fatcat.wiki/release/fuvf4w5nb5gthbpjg52n2luzwq)

Showing results 1 to 15 out of 1,094 results