Real-time detection and classification of anomalous events in streaming data

Ferragut, Erik M.; Goodall, John R.; Iannacone, Michael D.; Laska, Jason A.; Harrison, Lane T.

Real-time detection and classification of anomalous events in streaming data

Patent · Tue Apr 19 00:00:00 EDT 2016

OSTI ID:1247988

Ferragut, Erik M.; Goodall, John R.; Iannacone, Michael D.; Laska, Jason A.; Harrison, Lane T.

A system is described for receiving a stream of events and scoring the events based on anomalousness and maliciousness (or other classification). The events can be displayed to a user in user-defined groupings in an animated fashion. The system can include a plurality of anomaly detectors that together implement an algorithm to identify low probability events and detect atypical traffic patterns. The atypical traffic patterns can then be classified as being of interest or not. In one particular example, in a network environment, the classification can be whether the network traffic is malicious or not.

Research Organization:: Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)

Sponsoring Organization:: USDOE

DOE Contract Number:: AC05-00OR22725

Assignee:: UT-Battelle, LLC (Oak Ridge, TN)

Patent Number(s):: 9,319,421

Application Number:: 14/053,248

OSTI ID:: 1247988

Country of Publication:: United States

Language:: English

References (4)

Anomaly detection: A survey Chandola, Varun; Banerjee, Arindam; Kumar, Vipin ACM Computing Surveys, Vol. 41, Issue 3, p. 1-58 https://doi.org/10.1145/1541880.1541882	journal	July 2009
Integration of Self-Organizing Map (SOM) and Kernel Density Estimation (KDE) for network intrusion detection Cao, Yuan; He, Haibo; Man, Hong SPIE Europe Security + Defence, SPIE Proceedings https://doi.org/10.1117/12.834890	conference	September 2009
VAST Challenge 2012: Visual analytics for big data Cook, Kristin; Grinstein, Georges; Whiting, Mark 2012 IEEE Conference on Visual Analytics Science and Technology (VAST) https://doi.org/10.1109/VAST.2012.6400529	conference	October 2012
An Intrusion-Detection Model Denning, D. E. IEEE Transactions on Software Engineering, Vol. SE-13, Issue 2 https://doi.org/10.1109/TSE.1987.232894	journal	February 1987

Similar Records

Detection of anomalous events

Patent · Tue Jun 07 00:00:00 EDT 2016 · OSTI ID:1255959

Compression Analytics for Classification and Anomaly Detection within Network Communication

Journal Article · Fri Oct 26 00:00:00 EDT 2018 · IEEE Transactions on Information Forensics and Security · OSTI ID:1485466

ThunderSecure: deploying real-time intrusion detection for 100G research networks by leveraging stream-based features and one-class classification network

Journal Article · Sun Jul 31 20:00:00 EDT 2022 · Int.J.Inf.Secur. · OSTI ID:1867680

Related Subjects

97 MATHEMATICS AND COMPUTING
99 GENERAL AND MISCELLANEOUS

Real-time detection and classification of anomalous events in streaming data

Citation Formats

References (4)

Similar Records

Related Subjects