Cited By
View all- King IHuang H(2023)Euler: Detecting Network Lateral Movement via Scalable Temporal Link PredictionACM Transactions on Privacy and Security10.1145/358877126:3(1-36)Online publication date: 27-Jun-2023
Activity-based temporal anomaly detection in enterprise-cyber security
Pages 248 - 250
Abstract
Statistical anomaly detection is emerging as an important complement to signature-based methods for enterprise network defence. In this paper, we isolate a persistent structure in two different enterprise network data sources. This structure provides the basis of a regression-based anomaly detection method. The procedure is demonstrated on a large public domain data set.
References
[1]
I. Friedberg, F. Skopik, G. Settanni, and R. Fiedler, “Combating advanced persistent threats: From network event correlation to incident detection.” Computers and Security, vol. 48, pp. 35–57, 2015.
[2]
N. Adams and N. Heard, Data analysis for network cyber-security. Imperial College Press, 2014.
[3]
N. Adams, and N. Heard, Dynamic networks and cyber-security. World Scientific 2016.
[4]
A. D. Kent, “Comprehensive, multi-source cyber-security events,” Los Alamos National Laboratory, 2015.
[5]
A. D. Kent, “Cybersecurity data sources for dynamic network research,” in Dynamic Networks in Cybersecurity. World Scientific 2016.
[6]
R. Fisher, Statistical methods for research workers. Oliver and Boyd 1925.
[7]
M. J. M. Turcotte, N. A. Heard, and J. Neil, “Detecting localised anomalous behaviour in a computer network.” in Advances in Intelligent Data Analysis XIII, 2014, pp. 321–332.
Index Terms
- Activity-based temporal anomaly detection in enterprise-cyber security
Index terms have been assigned to the content through auto-classification.
Recommendations
Specification-based anomaly detection: a new approach for detecting network intrusions
CCS '02: Proceedings of the 9th ACM conference on Computer and communications securityUnlike signature or misuse based intrusion detection techniques, anomaly detection is capable of detecting novel attacks. However, the use of anomaly detection in practice is hampered by a high rate of false alarms. Specification-based techniques have ...
Towards an immunity-based anomaly detection system for network traffic
KES'06: Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part IIWe have applied our previous immunity-based system to anomaly detection for network traffic, and confirmed that our system outperformed the single-profile method. For internal masquerader detection, the missed alarm rate was 11.21% with no false alarms. ...
Security Anomaly Detection in Enterprise GitHub
PEARC '24: Practice and Experience in Advanced Research Computing 2024: Human Powered ComputingEnterprises that build software on a large scale have complexities that are unique, where the software delivery community may scale to numbers that are difficult to oversee, either from a software engineering or security perspective. The ability to ...
Comments
Information & Contributors
Information
Published In
326 pages
Copyright © 2016.
Publisher
IEEE Press
Publication History
Published: 01 September 2016
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 21 Sep 2024
Other Metrics
Citations
Cited By
View all- King IHuang H(2023)Euler: Detecting Network Lateral Movement via Scalable Temporal Link PredictionACM Transactions on Privacy and Security10.1145/358877126:3(1-36)Online publication date: 27-Jun-2023
View Options
View options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in