Imperial College London

Professor Nick Heard

Faculty of Natural SciencesDepartment of Mathematics

Chair in Statistics



+44 (0)20 7594 1490n.heard Website




543Huxley BuildingSouth Kensington Campus






BibTex format

author = {Price-Williams, M and Turcotte, M and Heard, N},
doi = {10.1109/EISIC.2018.00009},
pages = {1--6},
title = {Time of Day Anomaly Detection},
url = {},
year = {2018}

RIS format (EndNote, RefMan)

AB - © 2018 IEEE. Anomaly detection systems have been shown to perform well in detecting compromised user credentials within an enterprise computer network. Most existing approaches have focused on modelling activities that users perform within the network but not the time at which users are active. This article presents an approach for identifying compromised user credentials based on modelling their time of day or diurnal patterns. Anomalous behaviour in this respect would correspond to a user working during hours that deviate from their normal historical behaviour. The methodology is demonstrated using authentication data from Los Alamos National Laboratory's enterprise computer network.
AU - Price-Williams,M
AU - Turcotte,M
AU - Heard,N
DO - 10.1109/EISIC.2018.00009
EP - 6
PY - 2018///
SP - 1
TI - Time of Day Anomaly Detection
UR -
ER -