A3 Book section, Chapters in research books
Learning Temporal Regularities of User Behavior for Anomaly Detection (2001)
Seleznyov, A., Mazhelis, O., & Puuronen, S. (2001). Learning Temporal Regularities of User Behavior for Anomaly Detection. In V. Gorodetski, L. Popyak, & V. Skormin (Eds.), Information Assurance in Computer Networks : Methods, Models and Architectures for Network Security (pp. 143-152). Springer. Lecture Notes in Computer Science, 2052. https://doi.org/10.1007/3-540-45116-1_16
JYU authors or editors
Publication details
All authors or editors: Seleznyov, Alexandr; Mazhelis, Oleksiy; Puuronen, Seppo
Parent publication: Information Assurance in Computer Networks : Methods, Models and Architectures for Network Security
Parent publication editors: Gorodetski, V.; Popyak, L.; Skormin, V.
ISBN: 978-3-540-42103-0
eISBN: 978-3-540-45116-7
Journal or series: Lecture Notes in Computer Science
ISSN: 0302-9743
Publication year: 2001
Number in series: 2052
Pages range: 143-152
Publisher: Springer
Place of Publication: Berlin
Publication country: Germany
Publication language: English
DOI: https://doi.org/10.1007/3-540-45116-1_16
Publication open access: Not open
Publication channel open access:
Abstract
Fast expansion of inexpensive computers and computer networks has dramatically increased number of computer security incidents during last years. While quite many computer systems are still vulnerable to numerous attacks, intrusion detection has become vitally important as a response to constantly increasing number of threats. In this paper we discuss an approach to discover temporal and sequential regularities in user behavior. We present an algorithm that allows creating and maintaining user profiles relying not only on sequential information but taking into account temporal features, such as events’ lengths and possible temporal relations between them. The constructed profiles represent peculiarities of users’ behavior and used to decide whether a behavior of a certain user is normal or abnormal.
Free keywords: network security; intrusion detection; anomaly detection; online learning; user profiling; user recognition
Contributing organizations
Ministry reporting: Yes
Preliminary JUFO rating: Not rated