New statistical model examines massive amounts of data to automatically spot anomalies
- Date:
- July 31, 2017
- Source:
- American Statistical Association
- Summary:
- With the number of security breaches and cyber-attacks on the rise, cyber-security experts may soon have a new tool in the fight against online threats. Scientists have developed a new statistical method for monitoring networks to automatically detect 'strange behavior' and ultimately prevent intrusion.
- Share:
With the number of security breaches and cyber-attacks on the rise and reports of the financial burden of these varying from $400 billion a year to $2.1 trillion by 2019, cyber-security experts may soon have a new tool in the fight against online threats. Patrick Rubin-Delanchy, Heilbronn Research Fellow in Statistics at the University of Oxford, will present a new statistical method for monitoring networks to automatically detect "strange behavior" and ultimately prevent intrusion on Monday, July 31, at the 2017 Joint Statistical Meetings (JSM).
Data arising in cyber-security applications often have a network structure. A tool that monitors networks has access to massive amounts of data of which "normal" behavior can be observed. "Since data on intrusions is lacking," notes Rubin-Delanchy "accurate statistical modeling of connectivity behavior has important implications, particularly for network intrusion detection."
Rubin-Delanchy -- in collaboration with Nick Heard, reader in statistics at Imperial College London, and Carey Priebe, professor of statistics at The Johns Hopkins University -- has developed a "linear algebraic" approach to network anomaly detection, in which nodes are embedded in a finite dimensional latent space, where common statistical, signal-processing and machine-learning methodologies are then available. They illustrate results from their methodology on network flow data collected at Los Alamos National Laboratory.
In contrast with traditional cyber-security approaches like anti-virus software, the new methodology is not based on hand-engineered signatures, but rather machine learning in which programs can access and use the data and learn for themselves. "Our anticipation is that this model will provide a more robust approach to cyber-security in the future."
Story Source:
Materials provided by American Statistical Association. Note: Content may be edited for style and length.
Cite This Page: