Online Program Home
  My Program

Abstract Details

Activity Number: 141 - Statistical Analysis of Cyber-Security Data
Type: Invited
Date/Time: Monday, July 31, 2017 : 10:30 AM to 12:20 PM
Sponsor: Royal Statistical Society
Abstract #321976 View Presentation
Title: Modelling User Behavior using Endpoint Host Data
Author(s): Melissa Turcotte*
Companies: Los Alamos National Laboratory
Keywords: cyber-security ; user behaviour analytics

Host or endpoint event logs in a computer network are a valuable and under-utilized data source for network security. These logs allow analysts to both understand normal behavior across the network and to replay details of an intrusion. However, they are also a complex data source. Given the vast number of logged events, human analysts struggle to discover interesting relationships between entries and to find useful log entries amid a huge number of innocuous entries.

One important research problem associated with these data is identifying user credential theft or misuse. Various approaches to modelling user behaviour in a computer network will be presented.

Authors who are presenting talks have a * after their name.

Back to the full JSM 2017 program

Copyright © American Statistical Association