Poisson factorization for peer-based anomaly detection

File Description SizeFormat 
poisson_factorisation.pdfAccepted version219.82 kBAdobe PDFView/Open
Title: Poisson factorization for peer-based anomaly detection
Authors: Turcotte, M
Moore, J
Heard, NA
McPhall, A
Item Type: Conference Paper
Abstract: Anomaly detection systems are a promising tool to identify compromised user credentials and malicious insiders in enterprise networks. Most existing approaches for modelling user behaviour rely on either independent observations for each user or on pre-defined user peer groups. A method is proposed based on recommender system algorithms to learn overlapping user peer groups and to use this learned structure to detect anomalous activity. Results analysing the authentication and process-running activities of thousands of users show that the proposed method can detect compromised user accounts during a red team exercise.
Issue Date: 17-Nov-2016
Date of Acceptance: 21-Jul-2016
URI: http://hdl.handle.net/10044/1/42761
DOI: https://dx.doi.org/10.1109/ISI.2016.7745472
ISBN: 978-1-5090-3865-7
Publisher: IEEE
Copyright Statement: © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Conference Name: IEEE International Conference on Intelligence and Security Informatics
Publication Status: Published
Start Date: 2016-09-28
Finish Date: 2016-09-30
Conference Place: Arizona, USA
Appears in Collections:Mathematics
Statistics
Faculty of Natural Sciences



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

Creative Commonsx