Get our free extension to see links to code for papers anywhere online!

Chrome logo Add to Chrome

Firefox logo Add to Firefox


System Misuse Detection via Informed Behavior Clustering and Modeling

Jul 01, 2019
Linara Adilova, Livin Natious, Siming Chen, Olivier Thonnard, Michael Kamp


Share this with someone who'll enjoy it:


One of the main tasks of cybersecurity is recognizing malicious interactions with an arbitrary system. Currently, the logging information from each interaction can be collected in almost unrestricted amounts, but identification of attacks requires a lot of effort and time of security experts. We propose an approach for identifying fraud activity through modeling normal behavior in interactions with a system via machine learning methods, in particular LSTM neural networks. In order to enrich the modeling with system specific knowledge, we propose to use an interactive visual interface that allows security experts to identify semantically meaningful clusters of interactions. These clusters incorporate domain knowledge and lead to more precise behavior modeling via informed machine learning. We evaluate the proposed approach on a dataset containing logs of interactions with an administrative interface of login and security server. Our empirical results indicate that the informed modeling is capable of capturing normal behavior, which can then be used to detect abnormal behavior.

* 9 pages including appendix, DSN Workshop on Data-Centric Dependability and Security (http://dcds.lasige.di.fc.ul.pt/


   Access Paper Source



Share this with someone who'll enjoy it: