Title :
Real-time anomaly detection using a nonparametric pattern recognition approach
Author :
Lankewicz, Linda ; Benard, Mark
Author_Institution :
Dept. of Comput. Sci., Tulane Univ., New Orleans, LA, USA
Abstract :
Obstacles to achieving anomaly detection in real time include the large volume of data associated with user behavior and the nature of that data. The paper describes preliminary results from a research project which is developing a new approach to handling such data. The approach involves nonparametric statistical methods which permit considerable data compression and which support pattern recognition techniques for identifying user behavior. This approach applies these methods to a combination of measurements of resource usage and structural information about the behavior of processes. Preliminary results indicate that both accuracy and real time response can be achieved using these methods.
Keywords :
auditing; operating systems (computers); pattern recognition; real-time systems; security of data; anomaly detection; computer resource misuse; data compression; nonparametric pattern recognition; real time; user behavior; Access control; Computer crime; Computer science; Data compression; Data mining; Feature extraction; Information security; Pattern recognition; Real time systems; Statistical analysis;
Conference_Title :
Computer Security Applications Conference, 1991. Proceedings., Seventh Annual
Conference_Location :
San Antonio, TX
Print_ISBN :
0-8186-2280-6
DOI :
10.1109/CSAC.1991.213016