Imperial College London
Portrait Picture

Professor Nick Heard

Faculty of Natural SciencesDepartment of Mathematics

Chair in Statistics
 
 
 
//

Contact

 

+44 (0)20 7594 1490n.heard Website

 
 
//

Location

 

543Huxley BuildingSouth Kensington Campus

//

Summary

 

Publications

Citation

BibTex format

@inproceedings{Turcotte:2016:10.1109/ISI.2016.7745472,
author = {Turcotte, M and Moore, J and Heard, NA and McPhall, A},
doi = {10.1109/ISI.2016.7745472},
publisher = {IEEE},
title = {Poisson factorization for peer-based anomaly detection},
url = {http://dx.doi.org/10.1109/ISI.2016.7745472},
year = {2016}
}
Download

RIS format (EndNote, RefMan)

TY  - CPAPER
AB  - Anomaly detection systems are a promising tool to identify compromised user credentials and malicious insiders in enterprise networks. Most existing approaches for modelling user behaviour rely on either independent observations for each user or on pre-defined user peer groups. A method is proposed based on recommender system algorithms to learn overlapping user peer groups and to use this learned structure to detect anomalous activity. Results analysing the authentication and process-running activities of thousands of users show that the proposed method can detect compromised user accounts during a red team exercise.
AU  - Turcotte,M
AU  - Moore,J
AU  - Heard,NA
AU  - McPhall,A
DO  - 10.1109/ISI.2016.7745472
PB  - IEEE
PY  - 2016///
TI  - Poisson factorization for peer-based anomaly detection
UR  - http://dx.doi.org/10.1109/ISI.2016.7745472
UR  - http://hdl.handle.net/10044/1/42761
ER  -
Download