Name
Abstract | ||
|---|---|---|
In this paper we propose a novel algorithm to detect anomalous user behaviour in computer sessions. We first identify the behavioural profile of each authorized user from the computational tasks they usually carry out on the files of the information system. A new session is then codified as 2-length sequences and an algorithm based on the probability of those sequences is applied. The activities classified as possible anomalies are double-checked by applying Markov chains. The procedure has been proved efficient in terms of high detection accuracy and low false positive rate. It has been validate on a real database provided by a governmental institution of Ecuador and also on a public dataset of Unix commands. Besides, the algorithm has been shown efficient regarding computational time and the overhead of this monitoring software is low. |
Year | DOI | Venue |
|---|---|---|
2017 | 10.1016/j.knosys.2017.01.009 | Knowl.-Based Syst. |
Keywords | Field | DocType |
Anomaly detection,Computer user behaviour,Markov chains,Data leakage,Knowledge-based decision system | Information system,Data mining,False positive rate,Anomaly detection,Computer science,Markov chain,Unix,Algorithm,Software,Artificial intelligence,Machine learning | Journal |
Volume | Issue | ISSN |
120 | C | 0950-7051 |
Citations | PageRank | References |
1 | 0.35 | 20 |
Authors | ||
3 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| César Guevara | 1 | 1 | 0.69 |
| Matilde Santos | 2 | 143 | 24.39 |
| victoria lopez | 3 | 25 | 3.33 |