A Renewal Model of Intrusion
Abstract
We present a probabilistic model of an intrusion in a renewal process. Given a process and a sequence of events, an intrusion is a subsequence of events that is not produced by the process. Applications of the model are, for example, online payment fraud with the fraudster taking over a user's account and performing payments on the user's behalf, or unexpected equipment failures due to unintended use. We adopt Bayesian approach to infer the probability of an intrusion in a sequence of events, a MAP subsequence of events constituting the intrusion, and the marginal probability of each event in a sequence to belong to the intrusion. We evaluate the model for intrusion detection on synthetic data and on anonymized data from an online payment system.
- Publication:
-
arXiv e-prints
- Pub Date:
- September 2017
- DOI:
- 10.48550/arXiv.1709.08163
- arXiv:
- arXiv:1709.08163
- Bibcode:
- 2017arXiv170908163T
- Keywords:
-
- Computer Science - Artificial Intelligence;
- Computer Science - Cryptography and Security
- E-Print:
- 12 pages including appendix