Imperial College London

Professor Nick Heard

Faculty of Natural Sciences, Department of Mathematics

Chair in Statistics
 
 
 

Contact

 

+44 (0)20 7594 1490 | n.heard | Website

 
 

Location

 

543, Huxley Building, South Kensington Campus


 

Publications

Citation

BibTeX format

@inproceedings{Heard:2016:10.1109/ISI.2016.7745478,
author = {Heard, NA and Rubin-Delanchy, P},
doi = {10.1109/ISI.2016.7745478},
publisher = {IEEE},
title = {Network-wide anomaly detection via the Dirichlet process},
url = {http://dx.doi.org/10.1109/ISI.2016.7745478},
year = {2016}
}

RIS format (EndNote, RefMan)

TY  - CPAPER
AB  - Statistical anomaly detection techniques provide the next layer of cyber-security defences below traditional signature-based approaches. This article presents a scalable, principled, probability-based technique for detecting outlying connectivity behaviour within a directed interaction network such as a computer network. Independent Bayesian statistical models are fit to each message recipient in the network using the Dirichlet process, which provides a tractable, conjugate prior distribution for an unknown discrete probability distribution. The method is shown to successfully detect a red team attack in authentication data obtained from the enterprise network of Los Alamos National Laboratory.
AU  - Heard,NA
AU  - Rubin-Delanchy,P
DO  - 10.1109/ISI.2016.7745478
PB  - IEEE
PY  - 2016///
TI  - Network-wide anomaly detection via the Dirichlet process
UR  - http://dx.doi.org/10.1109/ISI.2016.7745478
UR  - http://hdl.handle.net/10044/1/42763
ER  -