|
Title:
|
PREDICT USER ANOMALY USING COLLABORATIVE FILTERING AND IP BLACKLIST |
|
Author(s):
|
Zong-Cyuan Jhang, Alexander Chen |
|
ISBN:
|
978-989-8533-29-6 |
|
Editors:
|
Piet Kommers, Tomayess Issa, Dian-Fu Chang and Pedro Isaías |
|
Year:
|
2014 |
|
Edition:
|
Single |
|
Keywords:
|
Network Flow, Anomaly Prediction, Collaborative Filtering, Information Security |
|
Type:
|
Full Paper |
|
First Page:
|
31 |
|
Last Page:
|
38 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
In cyberspace, we always look for effective and efficient detectors that can spot attacks or malicious behavior as soon as possible. What if we can identify some highly-possible malicious behavior in a very early stage to prevent systems or networks from a disaster even if the judgment may not be so mature? In this paper, we propose a method which uses Collaborative Filtering as its foundation to detect malicious behavior in its early stage. As an anomaly detection approach, we put more effort on reducing the false negatives while keeping the false positives at an acceptable level. The collaborative filtering approach uses similar patterns that happened in the past to decide what could be safe or dangerous at the current time. Our method analyzes the network flow data to detect users anomalous symptoms, and then adjusts their network speed according to our anomaly judgment in order to prevent what could be more serious consequence in a later stage. In a small-scale experiment, the prediction result of the proposed method reaches the perfect 100% accuracy. Furthermore, we are able to increase the calculation speed simply by adding more nodes. |
|
|
|
|
|
|
