Title :
Automated Anomaly Detection Using Time-Variant Normal Profiling
Author :
Kim, Jung Yeop ; Gantenbein, Rex E.
Author_Institution :
Utica Coll., Utica
Abstract :
Anomaly detection provides automated detection of unauthorized intrusion into a computer system by creating a normal profile of the system\´s behavior, then raising an alert when the system\´s behavior does not fit the system\´s normal profile. Approaches to anomaly detection that focus on investigating user\´s behavior typically assume that a user\´s command sequences will not vary significantly over time and so tend to flag "unusual" but safe activities as anomalies. We propose the use of "time-variant normal" user profiles that assume a user will change activities over time. The approach combines string-matching algorithms from machine intelligence and sequence alignment algorithms from biomedical informatics to dynamically evaluate user behavior.
Keywords :
artificial intelligence; security of data; string matching; automated anomaly detection; biomedical informatics; computer system; machine intelligence; sequence alignment algorithm; string-matching algorithm; time-variant normal profiling; unauthorized intrusion detection; Automation; Biomedical computing; Biomedical informatics; Change detection algorithms; Computerized monitoring; Condition monitoring; Educational institutions; Intrusion detection; Machine intelligence; Protection; Security; anomaly detection; automated systems; intrusion detection; pattern matching;
Conference_Titel :
Automation Congress, 2006. WAC '06. World
Conference_Location :
Budapest
Print_ISBN :
1-889335-33-9
DOI :
10.1109/WAC.2006.376026
