The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Methodology for statistical analysis of enterprise network data is becoming more important in cyber-security. The volume and velocity of enterprise network data sources puts a premium on streaming analytics - procedures that pass over the data once, while handling temporal variation in the process. In this paper we sketch SCAD: a procedure for streaming anomaly detection in the correlation between...
Statistical anomaly detection is emerging as an important complement to signature-based methods for enterprise network defence. In this paper, we isolate a persistent structure in two different enterprise network data sources. This structure provides the basis of a regression-based anomaly detection method. The procedure is demonstrated on a large public domain data set.
The network traffic generated by a computer, or a pair of computers, is often well modelled as a series of sessions. These are, roughly speaking, intervals of time during which a computer is engaging in the same, continued, activity. This article explores a variety of statistical approaches to re-discovering sessions from network flow data using timing alone. Solutions to this problem are essential...
How can we effectively use costly statistical models in the defence of large computer networks? Statistical modelling and machine learning are potentially powerful ways to detect threats as they do not require a human level understanding of the attack. However, they are rarely applied in practice as the computational cost of deploying all but the most simple algorithms can become implausibly large...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.