Sharma et al., 2020 - Google Patents
User behavior analytics for anomaly detection using LSTM autoencoder-insider threat detection
- Document ID
- 14748337771383896411
- Author
- Sharma B
- Pokharel P
- Joshi B
- Publication year
- Publication venue
- Proceedings of the 11th international conference on advances in information technology
Snippet
Identifying anomalies from log data for insider threat detection is practically a very challenging task for security analysts. User behavior modeling is very important for the identification of these anomalies. This paper presents unsupervised user behavior modeling …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6267—Classification techniques
- G06K9/6279—Classification techniques relating to the number of classes
- G06K9/6284—Single class perspective, e.g. one-against-all classification; Novelty detection; Outlier detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6217—Design or setup of recognition systems and techniques; Extraction of features in feature space; Clustering techniques; Blind source separation
- G06K9/6232—Extracting features by transforming the feature space, e.g. multidimensional scaling; Mappings, e.g. subspace methods
- G06K9/6247—Extracting features by transforming the feature space, e.g. multidimensional scaling; Mappings, e.g. subspace methods based on an approximation criterion, e.g. principal component analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6267—Classification techniques
- G06K9/6268—Classification techniques relating to the classification paradigm, e.g. parametric or non-parametric approaches
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6201—Matching; Proximity measures
- G06K9/6202—Comparing pixel values or logical combinations thereof, or feature values having positional relevance, e.g. template matching
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/36—Image preprocessing, i.e. processing the image information without deciding about the identity of the image
- G06K9/46—Extraction of features or characteristics of the image
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30781—Information retrieval; Database structures therefor; File system structures therefor of video data
- G06F17/30784—Information retrieval; Database structures therefor; File system structures therefor of video data using features automatically derived from the video content, e.g. descriptors, fingerprints, signatures, genre
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/3061—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F17/30705—Clustering or classification
- G06F17/3071—Clustering or classification including class or cluster creation or modification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/00624—Recognising scenes, i.e. recognition of a whole field of perception; recognising scene-specific objects
- G06K9/00771—Recognising scenes under surveillance, e.g. with Markovian modelling of scene activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/00496—Recognising patterns in signals and combinations thereof
- G06K9/00536—Classification; Matching
Similar Documents
Publication | Title | Publication Date |
---|---|---|
Sharma et al. | User behavior analytics for anomaly detection using LSTM autoencoder-insider threat detection | |
Le et al. | Analyzing data granularity levels for insider threat detection using machine learning | |
Liu et al. | Log2vec: A heterogeneous graph embedding based approach for detecting cyber threats within enterprise | |
Boukhtouta et al. | Network malware classification comparison using DPI and flow packet headers | |
Kotenko et al. | Systematic literature review of security event correlation methods | |
Liu et al. | Insider threat identification using the simultaneous neural learning of multi-source logs | |
Yuan et al. | Insider threat detection via hierarchical neural temporal point processes | |
Ahmad et al. | Role of machine learning and data mining in internet security: standing state with future directions | |
Lin et al. | Collaborative alert ranking for anomaly detection | |
Ma et al. | DANTE: Predicting Insider Threat using LSTM on system logs | |
Jiang et al. | An insider threat detection method based on user behavior analysis | |
Lambert II | Security analytics: Using deep learning to detect cyber attacks | |
Pillai et al. | Hybrid unsupervised web-attack detection and classification–A deep learning approach | |
Lorenzen et al. | Determining viability of deep learning on cybersecurity log analytics | |
Mvula et al. | A systematic literature review of cyber-security data repositories and performance assessment metrics for semi-supervised learning | |
Niranjan et al. | Security in data mining-a comprehensive survey | |
Igbe et al. | Insider threat detection using an artificial immune system algorithm | |
Manoharan et al. | Insider threat detection using supervised machine learning algorithms | |
Mohammad et al. | A novel local network intrusion detection system based on support vector machine | |
Raissi-Dehkordi et al. | A multi-perspective approach to insider threat detection | |
Zhumabekova et al. | Determining Web Application Vulnerabilities Using Machine Learning Methods | |
Orizio et al. | Towards an explainable approach for insider threat detection: Constraint network learning | |
Ren et al. | A hybrid intelligent system for insider threat detection using iterative attention | |
Mihailescu et al. | Unveiling Threats: Leveraging User Behavior Analysis for Enhanced Cybersecurity | |
Gore et al. | Assessing cyber-incidents using machine learning |