Detecting anomalies in work practice data by combining multiple domains of information
作者: Evgeniy Bart , Hoda M. A. Eldardiry , Robert R. Price , Juan J. Liu
DOI:
关键词:
摘要: One embodiment of the present invention provides a system for multi-domain clustering. During operation, collects domain data at least two domains associated with users, wherein is source describing observable activities user. Next, estimates probability distribution The also second Then, analyzes model that includes variables or more to determine each and assign users clusters user roles.
lens.org 参考文章(34)
Malek Ben Salem, Shlomo Hershkop, Salvatore J Stolfo, A Survey of Insider Attack Detection Research Insider Attack and Cyber Security. pp. 69- 90 ,(2008) , 10.1007/978-0-387-77322-3_5
Chetan Kotak, Charles C. Zhou, Ying Zhao, Multiple Domain Anomaly Detection System and Method Using Fusion Rule and Visualization ,(2011)
Prakash Bhaskaran, Risk Scoring Based On Endpoint User Activities ,(2009)
Leon Gong, Joseph P. Bigus, Christoph Lingenfelder, Deviation detection of usage patterns of computer resources ,(2008)
Charles C. Zhou, Ying Zhao, System and method for knowledge pattern search from networked agents ,(2011)
Guy Jacobson, Greg B. Kinne, Arnold Lent, Colin Goodall, Method and apparatus for multi-domain anomaly pattern definition and detection ,(2007)
Tom Miltonberger, Modeling users for fraud detection and analysis ,(2009)
Jack W. Stokes, Robert E. Fitzgerald, Alice X. Zheng, Edward W. Hardy, Bodicherla Aditya Prakash, Analysis of computer network activity by successively removing accepted types of access events ,(2010)
Christopher W. Day, Intrusion detection system using self-organizing clusters ,(2002)
Steve Roberts, Laurent Dupont, Eli Yawo Amesefe, Richard Thomas Oehrle, Keith Eric Schon, Elizabeth B. Charnock, Continuous anomaly detection based on behavior modeling and heterogeneous information analysis ,(2013)