Abstract | ||
---|---|---|
In an organization, the interactions users have with software leave patterns or traces of the parts of the systems accessed. These interactions can be associated with the underlying software architecture. The first step in detecting problems like insider threat is to detect those traces that are anomalous. Here, we propose a method to find anomalous users leveraging these interaction traces, categorized by user roles. We propose a model based approach to cluster user sequences and find outliers. We show that the approach works on a simulation of a large scale system based on and Amazon Web application style. |
Year | DOI | Venue |
---|---|---|
2016 | 10.1145/2898375.2898401 | HotSoS |
Keywords | Field | DocType |
anomaly detection,model-based graph clustering | Data mining,Anomaly detection,Computer science,Outlier,Insider threat,Software,Web application,Software architecture | Conference |
Citations | PageRank | References |
0 | 0.34 | 22 |
Authors | ||
6 |
Name | Order | Citations | PageRank |
---|---|---|---|
hemank lamba | 1 | 183 | 16.59 |
Thomas J. Glazier | 2 | 3 | 1.40 |
Bradley R. Schmerl | 3 | 1074 | 54.32 |
Javier Cámara | 4 | 503 | 44.77 |
David Garlan | 5 | 7861 | 761.63 |
Jürgen Pfeffer | 6 | 346 | 26.57 |