Learning temporal regularities of user behavior for anomaly detection

被引：0

作者：

Seleznyov, A ^{[1
]}

Mazhelis, O ^{[1
]}

Puuronen, S ^{[1
]}

机构：

[1] Univ Jyvaskyla, Dept Comp Sci & Informat Syst, FIN-40351 Jyvaskyla, Finland

来源：

INFORMATION ASSURANCE IN COMPUTER NETWORKS: METHODS, MODELS AND ARCHITECTURES FOR NETWORK SECURITY, PROCEEDINGS | 2001年 / 2052卷

关键词：

network security; intrusion detection; anomaly detection; online learning; user profiling; user recognition;

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Fast expansion of inexpensive computers and computer networks has dramatically increased number of computer security incidents during last years. While quite many computer systems are still vulnerable to numerous attacks, intrusion detection has become vitally important as a response to constantly increasing number of threats. In this paper we discuss an approach to discover temporal and sequential regularities in user behavior. We present an algorithm that allows creating and maintaining user profiles relying not only on sequential information but taking into account temporal features, such as events' lengths and possible temporal relations between them. The constructed profiles represent peculiarities of users' behavior and used to decide whether a behavior of a certain user is normal or abnormal.

引用

页码：143 / 152

页数：10