Security is one of the top concerns of any enterprise. Most security practitioners in enterprises rely on correlation rules to detect potential threats. While the rules are intuitive to design, each rule is independently defined per log source, unable to collectively address heterogeneity of data from a myriad of enterprise networking and security logs. Furthermore, correlation rules do not look for...
The special characteristics of time series data, such as their high dimensionality and complex dependencies between variables, make the problem of detecting anomalies in time series very challenging. Anomalies, and more precisely dependency anomalies, ensue from the temporal causal dependencies. Furthermore, the graphical Granger causal models provide an appropriate environment to capture all the temporal...
In this paper, we propose an online spatiotemporal data-driven methodology to detect malicious cyber attacks that target power system balancing and frequency control. The anomaly detection, which spots abnormal generator behavioral patterns in real time, is achieved locally at a power plant with peer to peer communication capability. We mainly consider the data integrity attack targeting Automatic...
Banks and financial institutions around the world must comply with several policies for the prevention of money laundering and in order to combat the financing of terrorism. Nowadays, there is a rise in the popularity of novel financial technologies such as digital currencies, social trading platforms and distributed ledger payments, but there is a lack of approaches to enforce the aforementioned...
Given a stream of heterogeneous edges, comprising different types of nodes and edges, which arrive in an interleaved fashion to multiple different graphs evolving simultaneously, how can we spot the anomalous graphs in real-time using only constant memory? This problem is motivated by and generalizes from its application in security to host-level advanced persistent threat (APT) detection. In this...
In this paper, we propose a work flow for processing and analysing large-scale tracking data with spatio-temporal marks that uses an infrastructure for machine learning methods based on a meta-data representation of point patterns. The tracking log (IP address) of cyber security devices usually maps to geolocation and timestamp; such data is called spatiotemporal data. Existing spatio-temporal analysis...
Reliable uncertainty estimation for time series prediction is critical in many fields, including physics, biology, and manufacturing. At Uber, probabilistic time series forecasting is used for robust prediction of number of trips during special events, driver incentive allocation, as well as real-time anomaly detection across millions of metrics. Classical time series models are often used in conjunction...
In this paper, we propose and evaluate the application of unsupervised machine learning to anomaly detection for a Cyber-Physical System (CPS). We compare two methods: Deep Neural Networks (DNN) adapted to time series data generated by a CPS, and one-class Support Vector Machines (SVM). These methods are evaluated against data from the Secure Water Treatment (SWaT) testbed, a scaled-down but fully...
This paper presents detailed anomaly detection evaluation on operational time-series data of Internet of Things (IoT) based household devices in general and Heating, Ventilation and Air Conditioning (HVAC) systems in specific. Due to the number of issues observed during evaluation of widely used distance-based, statistical-based, and cluster-based anomaly detection techniques, we also present a pattern-based...