Identifying Suspicious Behavior from Multiple Events
نویسندگان
چکیده
Suspicious behavior detection becomes increasingly more challenging when agents are observed over a longer period of time. The detection system has to identify suspicious subjects from a collection of individual’s events, where no single event is enough to decide whether his/her behavior is suspicious, but the combination of multiple events enables reasoning. We establish a probabilistic Bayesian framework for evaluating multiple events and show that the optimal evaluation is not possible in practice. We propose a naïve and a heuristic approach and test them on an airport domain. The heuristic approach achieves high performance resulting in high detection rate and low false-alarm ratio.
منابع مشابه
Towards Detection of Suspicious Behavior from Multiple Observations
This paper addresses the problem of detecting suspicious behavior from a collection of individuals events, where no single event is enough to decide whether his/her behavior is suspicious, but the combination of multiple events enables reasoning. We establish a Bayesian framework for evaluating multiple events and show that the current approaches lack modeling behavior history included in the e...
متن کاملDetection of suspicious behavior from a sparse set of multiagent interactions
In many multiagent domains, no single observation event is sufficient to determine that the behavior of individuals is suspicious. Instead, suspiciousness must be inferred from a combination of multiple events, where events refer to the individual’s interactions with other individuals. Hence, a detection system must employ a detector that combines evidence frommultiple events, in contrast to mo...
متن کاملTowards Dynamic Tracking of Multi-Agents Teams: An Initial Report
This paper takes first steps to address the challenge of plan recognition for dynamic multi-agents teams, in the context of suspicious behavior recognition. Plan recognition is the process of inferring other agents’ plans and goals based on their observable actions. Team plan recognition poses the challenge of such inference, of a team’s joint goals and plans. Most previous work have focused on...
متن کاملIdentifying Suspicious Bidders Utilizing Hierarchical Clustering and Decision Trees
Identifying bidders with suspicious bidding activities related to possible online auction fraud is a difficult task due to a large number of users participating in online auctions. In order to reduce the number of users to be investigated, we examine observable features of a bidder’s behavior, and utilize a hierarchical clustering technique to divide a collection of bidders into normal and devi...
متن کاملAttribution and Aggregation of Network Flows for Security Analysis
This paper describes a network flow analyzer that is capable of attribution and aggregation of different flows into single activity events for the purposes of identifying suspicious and illegitimate behaviors. Flows are correlated with security events using the Process Query System (PQS) infrastructure. We show results from initial experiments and describe plans for extending the effort. The co...
متن کامل