Combining Unsupervised Approaches for Near Real-Time Network Traffic Anomaly Detection

Carrera, Francesco; Dentamaro, Vincenzo; Galantucci, Stefano; Iannacone, Andrea; Impedovo, Donato; Pirlo, G.

doi:10.3390/app12031759

Cited by 20 publications

(2 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Modeling a user profile, including their interests, characteristics, preferences, and behaviors, is a crucial step in defining a suitable baseline to feed into ML algorithms that are capable of predicting deviations from them that are not known a priori (Eke et al, 2019 ; Savenkov and Ivutin, 2020 ). Unsupervised learning algorithms are useful when there is no prior knowledge of the anomaly being investigated (Vikram and Mohana, 2020 ; Carrera et al, 2022 ; Mochurad et al, 2023 ). A UEBA engine can greatly benefit from unsupervised learning algorithms because any substantial deviation from normal behavior in common communication patterns can represent a potential attack (Martín et al, 2021 ; Fysarakis et al, 2023 ).…”

Section: Introductionmentioning

confidence: 99%

A comprehensive investigation of clustering algorithms for User and Entity Behavior Analytics

Artioli,

Maci,

Magrì

2024

Front. Big Data

View full text Add to dashboard Cite

IntroductionGovernment agencies are now encouraging industries to enhance their security systems to detect and respond proactively to cybersecurity incidents. Consequently, equipping with a security operation center that combines the analytical capabilities of human experts with systems based on Machine Learning (ML) plays a critical role. In this setting, Security Information and Event Management (SIEM) platforms can effectively handle network-related events to trigger cybersecurity alerts. Furthermore, a SIEM may include a User and Entity Behavior Analytics (UEBA) engine that examines the behavior of both users and devices, or entities, within a corporate network.MethodsIn recent literature, several contributions have employed ML algorithms for UEBA, especially those based on the unsupervised learning paradigm, because anomalous behaviors are usually not known in advance. However, to shorten the gap between research advances and practice, it is necessary to comprehensively analyze the effectiveness of these methodologies. This paper proposes a thorough investigation of traditional and emerging clustering algorithms for UEBA, considering multiple application contexts, i.e., different user-entity interaction scenarios.Results and discussionOur study involves three datasets sourced from the existing literature and fifteen clustering algorithms. Among the compared techniques, HDBSCAN and DenMune showed promising performance on the state-of-the-art CERT behavior-related dataset, producing groups with a density very close to the number of users.

show abstract

Section: Introductionmentioning

confidence: 99%

A comprehensive investigation of clustering algorithms for User and Entity Behavior Analytics

Artioli,

Maci,

Magrì

2024

Front. Big Data

View full text Add to dashboard Cite

show abstract

“…The used validation methods and training processes in this paper are well-known methods in most modeling and optimization problems, which have been used in many studies [110][111][112][113][114][115]. In several studies [116][117][118][119][120][121][122][123][124][125], different mathematical methods such as feature extraction, feature reduction, feature selection, correlation analysis, and numerical calculation, etc., have been used. In this study, feature extraction in the time domain and correlation analysis were used in order to present a novel metering system.…”

mentioning

confidence: 99%

Extraction of Time-Domain Characteristics and Selection of Effective Features Using Correlation Analysis to Increase the Accuracy of Petroleum Fluid Monitoring Systems

et al. 2022

View full text Add to dashboard Cite

In the current paper, a novel technique is represented to control the liquid petrochemical and petroleum products passing through a transmitting pipe. A simulation setup, including an X-ray tube, a detector, and a pipe, was conducted by Monte Carlo N Particle-X version (MCNPX) code to examine a two-by-two mixture of four diverse petroleum products (ethylene glycol, crude oil, gasoline, and gasoil) in various volumetric ratios. As the feature extraction system, twelve time characteristics were extracted from the received signal, and the most effective ones were selected using correlation analysis to present reasonable inputs for neural network training. Three Multilayers perceptron (MLP) neural networks were applied to indicate the volume ratio of three kinds of petroleum products, and the volume ratio of the fourth product can be feasibly achieved through the results of the three aforementioned networks. In this study, increasing accuracy was placed on the agenda, and an RMSE < 1.21 indicates this high accuracy. Increasing the accuracy of predicting volume ratio, which is due to the use of appropriate characteristics as the neural network input, is the most important innovation in this study, which is why the proposed system can be used as an efficient method in the oil industry.

show abstract

An AI-Based Approach for the Improvement of University Technology Transfer Processes in Healthcare

Demarinis Loiotile,

Veneto,

Agrimi

et al. 2024

Information Systems and Technologies

View full text Add to dashboard Cite

Combining Unsupervised Approaches for Near Real-Time Network Traffic Anomaly Detection

Cited by 20 publications

References 22 publications

A comprehensive investigation of clustering algorithms for User and Entity Behavior Analytics

A comprehensive investigation of clustering algorithms for User and Entity Behavior Analytics

Extraction of Time-Domain Characteristics and Selection of Effective Features Using Correlation Analysis to Increase the Accuracy of Petroleum Fluid Monitoring Systems

An AI-Based Approach for the Improvement of University Technology Transfer Processes in Healthcare

Contact Info

Product

Resources

About