Detecting and classifying anomalous behavior in spatiotemporal network data
نویسندگان
چکیده
We investigate different models for detecting and classifying important geopolitical events in high-frequency spatiotemporal network data. Building on previous empirical work on the network response to real-world events, our goal is to develop a generative model that can identify the time, location, and nature of different emergency and non-emergency events. As a testbed for these models, we use a large dataset containing billions of anonymized mobile phone calls and text messages from Afghanistan, and associated metadata on several known important geopolitical events. We find that simple and scalable time-series models of geographically aggregated call volume can accurately identify the onset of major events when the approximate time and location of the event is known. However, such models ignore the network structure in the data, and are not well suited to spatial localization. Preliminary results from dynamic matrix factorization models, which generatively model network structure, indicate a promising area for future work.
منابع مشابه
Detecting Bot Networks Based On HTTP And TLS Traffic Analysis
Abstract— Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. Detecting of infected HTTP communications is a big challenge because infected HTTP connections are clearly merged with other types of HTTP traffic. Cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly enga...
متن کاملAnomaly-based Web Attack Detection: The Application of Deep Neural Network Seq2Seq With Attention Mechanism
Today, the use of the Internet and Internet sites has been an integrated part of the people’s lives, and most activities and important data are in the Internet websites. Thus, attempts to intrude into these websites have grown exponentially. Intrusion detection systems (IDS) of web attacks are an approach to protect users. But, these systems are suffering from such drawbacks as low accuracy in ...
متن کاملDetecting Distributed Denial of Service Attacks Using Data Mining Techniques
Users and organizations find it continuously challenging to deal with distributed denial of service (DDoS) attacks. . The security engineer works to keep a service available at all times by dealing with intruder attacks. The intrusiondetection system (IDS) is one of the solutions to detecting and classifying any anomalous behavior. The IDS system should always be updated with the latest intrude...
متن کاملDetecting Compounded Anomalous SNMP Situations Using Cooperative Unsupervised Pattern Recognition
This research employs unsupervised pattern recognition to approach the thorny issue of detecting anomalous network behavior. It applies a connectionist model to identify user behavior patterns and successfully demonstrates that such models respond well to the demands and dynamic features of the problem. It illustrates the effectiveness of neural networks in the field of Intrusion Detection (ID)...
متن کاملDiscovery of anomalous behaviour in temporal networks
In this work, we consider the problem of detecting anomalous behaviour, and we present a novel approach allows classifying ”behaviour” either to be normal or abnormal by checking the p-value associated with the occurrence of the behaviour which is modelled following a binomial distribution within a discrete time model. The basic model for social networks is a graph. Over time, the graph underly...
متن کامل