2020 IEEE International Conference on Intelligence and Security Informatics (ISI) 2020
DOI: 10.1109/isi49825.2020.9280524
|View full text |Cite
|
Sign up to set email alerts
|

Multi-Dimensional Anomalous Entity Detection via Poisson Tensor Factorization

Abstract: As the attack surfaces of large enterprise networks grow, anomaly detection systems based on statistical user behavior analysis play a crucial role in identifying malicious activities. Previous work has shown that link prediction algorithms based on non-negative matrix factorization learn highly accurate predictive models of user actions. However, most statistical link prediction models have been constructed on bipartite graphs, and fail to capture the nuanced, multi-faceted details of a user's activity profil… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
4
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
3
2
2

Relationship

0
7

Authors

Journals

citations
Cited by 9 publications
(4 citation statements)
references
References 16 publications
0
4
0
Order By: Relevance
“…Comparison can be seen in Figs 3 and 4. LANL dataset is referenced by two papers [22,78]. There is one paper each referencing the SEA dataset [20], KDD dataset [21], and Azure Public dataset [23].…”
Section: Resultsmentioning
confidence: 99%
“…Comparison can be seen in Figs 3 and 4. LANL dataset is referenced by two papers [22,78]. There is one paper each referencing the SEA dataset [20], KDD dataset [21], and Azure Public dataset [23].…”
Section: Resultsmentioning
confidence: 99%
“…One important characteristic of computer network monitoring is that it produces rich and complex data. While we focus on communications between hosts and their temporal component, one important avenue of research deals with jointly modelling the many other facets of these communications, such as the associated user accounts or network protocols [5]. Note, however, that the core of our approach could easily be extended in this direction: typically, instead of predicting temporal edges (i, j, t), we could predict hyperedges (v 1 , .…”
Section: Discussion and Future Workmentioning
confidence: 99%
“…Tensor factorization and beyond. Besides dynamic latent space models, another popular approach to temporal graph modelling relies on Candecomp/Parafac (CP) tensor factorization [3,4,13], which Eren et al [5] proposed to use for computer network monitoring. The idea behind this approach is to represent a temporal graph as a three-mode tensor, with modes representing the time step, the origin and the destination, respectively.…”
Section: Related Work -Temporal Graph Modelsmentioning
confidence: 99%
See 1 more Smart Citation