Anomaly detection, or novelty detection, has emerged as a powerful tool for masquerade detection during the past decade. However, the strong dependence of previous methods on uncontaminated training data is a matter of concern. We introduce a novel masquerade detection algorithm based on a statistical test for system parameter drift in time series data. The approach may exploit attack-free training data if it is provided, but does not depend on it. It transforms the string of commands into a symbol sequence and, for anomaly detection, uses the average time-index difference of the symbols identical to the symbol found at a particular index. We evaluated the method on the standard data set provided by Schonlau et al., both including and excluding the use of training data. We report the results achieved with and without training data and compare them to the results attained by several conventional methods that use training data.