Anomaly Detection Support Using Process Classification

01/13/2021
by Sebastian Eresheim, et al.

Anomaly detection systems need to consider a lot of information when scanning for anomalies. One example is the context of the process in which an anomaly might occur, because anomalies for one process might not be anomalies for a different one. Therefore data – such as system events – need to be assigned to the program they originate from. This paper investigates whether it is possible to infer from a list of system events the program whose behavior caused the occurrence of these system events. To that end, we model transition probabilities between non-equivalent events and apply the k-nearest neighbors algorithm. This system is evaluated on non-malicious, real-world data using four different evaluation scores. Our results suggest that the approach proposed in this paper is capable of correctly inferring program names from system events.
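The approach the abstract outlines, sketched as an added example (not the paper's own code): each event trace becomes a vector of transition probabilities, and k-nearest neighbors votes on the program name. The event names, the sample traces, collapsing repeated events so that only transitions between differing events are counted, Euclidean distance, and k=3 are all assumptions made for illustration.

```python
from collections import Counter
from itertools import groupby
import math

# Constructed event alphabet (assumption; the abstract does not list event types).
EVENTS = ("file_read", "file_write", "reg_read", "net_connect", "proc_create")

def transition_vector(trace, events=EVENTS):
    """Flattened, row-normalised matrix of transition probabilities for one trace."""
    # Assumption: consecutive repeats are collapsed so that only transitions
    # between differing events contribute to the model.
    collapsed = [event for event, _ in groupby(trace)]
    counts = Counter(zip(collapsed, collapsed[1:]))
    vec = []
    for a in events:
        total = sum(counts[(a, b)] for b in events)
        vec.extend(counts[(a, b)] / total if total else 0.0 for b in events)
    return vec

def knn_predict(train, trace, k=3):
    """Majority vote among the k labelled traces closest to `trace`."""
    query = transition_vector(trace)
    ranked = sorted(train, key=lambda item: math.dist(query, transition_vector(item[1])))
    votes = Counter(name for name, _ in ranked[:k])
    return votes.most_common(1)[0][0]

# Constructed, labelled traces: (program name, ordered system events).
TRAIN = [
    ("browser", ["net_connect", "file_write", "net_connect", "file_write", "net_connect", "file_read"]),
    ("browser", ["net_connect", "net_connect", "file_write", "net_connect", "file_write"]),
    ("browser", ["file_read", "net_connect", "file_write", "net_connect"]),
    ("editor", ["file_read", "file_write", "file_read", "file_write", "reg_read"]),
    ("editor", ["reg_read", "file_read", "file_write", "file_write", "file_read", "file_write"]),
    ("editor", ["file_read", "file_write", "reg_read", "file_read", "file_write"]),
]

if __name__ == "__main__":
    unknown = ["net_connect", "file_write", "file_write", "net_connect", "file_write"]
    print(knn_predict(TRAIN, unknown))
```

Once a trace is attributed to a program this way, an anomaly detector can score its events against that program's baseline instead of a global one.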
