
Scoring Algorithm Identifying Anomalous Behavior in Enterprise Network

  • Conference paper
Data Management, Analytics and Innovation

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 1175)


Abstract

Enterprise cyber-attacks play a critical role, because detecting intrusions in an organization is now a routine activity. A security system is needed that uses a variety of algorithms and techniques to detect security-related anomalies and threats in an enterprise network environment. The system assigns scores to anomalous activities and produces alerts. It receives data from multiple intrusion detection or prevention systems, preprocesses that data, and generates a graphical representation of entities. The proposed scoring algorithm provides a mechanism that aids in detecting anomalous behavior and security threats in an enterprise network environment. The algorithm employs user/entity behavioral analytics (UEBA) to analyze network traffic logs and user activity data, learning from user behavior to indicate a malicious presence in the environment, whether the threat is previously known or not. A graph-based anomaly detection technique is applied in this approach, in which the graph represents each entity’s behavior.



Corresponding author

Correspondence to Sonam Sharma.


Copyright information

© 2021 Springer Nature Singapore Pte Ltd.


Cite this paper

Sharma, S., Makkar, G. (2021). Scoring Algorithm Identifying Anomalous Behavior in Enterprise Network. In: Sharma, N., Chakrabarti, A., Balas, V.E., Martinovic, J. (eds) Data Management, Analytics and Innovation. Advances in Intelligent Systems and Computing, vol 1175. Springer, Singapore. https://doi.org/10.1007/978-981-15-5619-7_6
