User Profiling in Anomaly Detection of Authorization Logs

Cited by: 6
Authors
Zamanian, Zahedeh [1]
Feizollah, Ali [1]
Anuar, Nor Badrul [1]
Kiah, Laiha Binti Mat [1]
Srikanth, Karanam [2]
Kumar, Sudhindra [2]
Affiliations
[1] Univ Malaya, Fac Comp Sci & Informat Technol, Kuala Lumpur, Malaysia
[2] NextLabs Malaysia Sdn Bhd, 308-1st Floor,Jalan S2 B13,Seksyen B, Seremban 70300, Negeri Sembilan, Malaysia
Source
Keywords
User Profiling; Anomaly Detection; Insider Intruder;
DOI
10.1007/978-981-13-2622-6_6
Chinese Library Classification number
TP39 [Computer applications];
Discipline classification code
081203; 0835;
Abstract
In the digital age, the valuable asset of every company is its data. It contains personal information, company and industry data, sensitive government communications and a lot more. With the rapid development of IT, accessing the network has become cheaper and easier. As a result, organizations are more vulnerable to both insider and outsider threats. This work proposes user profiling in anomaly detection and analysis of authorization logs. This method enables companies to assess each user's activities and detect slight deviations from their usual pattern. To evaluate this method, we obtained a private dataset from NextLabs Company and the CERT dataset, which is a public dataset. We used random forest for this system and presented the results. The results show that the algorithm achieved 97.81% accuracy.
Pages: 59-65
Page count: 7
Related papers
50 in total
  • [21] Behavior Profiling for Robust Anomaly Detection
    Hsiao, Shun-Wen
    Sun, Yeali S.
    Chen, Meng Chang
    Zhang, Hui
    [J]. 2010 IEEE INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND INFORMATION SECURITY (WCNIS), VOL 1, 2010, : 465 - +
  • [22] Video behavior profiling for anomaly detection
    Xiang, Tao
    Gong, Shaogang
    [J]. IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE, 2008, 30 (05) : 893 - 908
  • [23] Human behaviour profiling for anomaly detection
    Zhu, Xudong
    Liu, Zhi-Jing
    [J]. INTERNATIONAL JOURNAL OF INTELLIGENT COMPUTING AND CYBERNETICS, 2011, 4 (03) : 366 - 379
  • [24] A Dynamic Normal Profiling for Anomaly Detection
    Zuo, Shenzheng
    [J]. 2009 5TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-8, 2009, : 4404 - 4407
  • [25] An Integrated Method for Anomaly Detection From Massive System Logs
    Liu, Zhaoli
    Qin, Tao
    Guan, Xiaohong
    Jiang, Hezhi
    Wang, Chenxu
    [J]. IEEE ACCESS, 2018, 6 : 30602 - 30611
  • [26] Latent Variable Based Anomaly Detection in Network System Logs
    Otomo, Kazuki
    Kobayashi, Satoru
    Fukuda, Kensuke
    Esaki, Hiroshi
    [J]. IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2019, E102D (09) : 1644 - 1652
  • [27] SwissLog: Robust Anomaly Detection and Localization for Interleaved Unstructured Logs
    Li, Xiaoyun
    Chen, Pengfei
    Jing, Linxiao
    He, Zilong
    Yu, Guangba
    [J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2023, 20 (04) : 2762 - 2780
  • [28] How to Configure Masked Event Anomaly Detection on Software Logs?
    Nyyssola, Jesse
    Mantyla, Mika
    Varela, Martin
    [J]. 2022 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE MAINTENANCE AND EVOLUTION (ICSME 2022), 2022, : 414 - 418
  • [29] ConAnomaly: Content-Based Anomaly Detection for System Logs
    Lv, Dan
    Luktarhan, Nurbol
    Chen, Yiyong
    [J]. SENSORS, 2021, 21 (18)
  • [30] Anomaly Detection on System Generated Logs-A Survey Study
    Jose, Jisha M.
    Reeja, S. R.
    [J]. MOBILE COMPUTING AND SUSTAINABLE INFORMATICS, 2022, 68 : 779 - 793