Algorithm for detecting anomalous hosts based on group activity evolution

作者:

Highlights:

• Presenting a perspective of group activity on network behavior anomaly detection.

• An effectively algorithm to measure the changes of group activity evolution.

• Determining whether the evolution conforms to or deviates from the normal evolution.

• Defining the baseline of group activity evolution by historical characteristics.

摘要

•Presenting a perspective of group activity on network behavior anomaly detection.•An effectively algorithm to measure the changes of group activity evolution.•Determining whether the evolution conforms to or deviates from the normal evolution.•Defining the baseline of group activity evolution by historical characteristics.

论文关键词:Anomaly detection,Profiling group activity,Network behavior,Dynamic evolution

论文评审过程:Received 29 August 2020, Revised 29 December 2020, Accepted 29 December 2020, Available online 31 December 2020, Version of Record 4 January 2021.

论文官网地址:https://doi.org/10.1016/j.knosys.2020.106734