A Model-based Approach to Anomaly Detection in Software Architectures
Title | A Model-based Approach to Anomaly Detection in Software Architectures |
Publication Type | Conference Proceedings |
Year of Publication | 2016 |
Authors | Hemank Lamba, Thomas J. Glazier, Bradley Schmerl, Javier Camara, David Garlan, Jurgen Pfeffer |
Conference Name | Symposium and Bootcamp on the Science of Security (HotSoS) |
Date Published | 4/19/2016 |
Publisher | ACM New York, NY |
Conference Location | Pittsburgh, PA |
ISBN | 978-1-4503-4277-3 |
Keywords | anomaly detection, Apr'16, CMU, model-based graph clustering |
Abstract | In an organization, the interactions users have with software leave patterns or traces of the parts of the systems accessed. These interactions can be associated with the underlying software architecture. The first step in detecting problems like insider threat is to detect those traces that are anomalous. Here, we propose a method to find anomalous users leveraging these interaction traces, categorized by user roles. We propose a model based approach to cluster user sequences and find outliers. We show that the approach works on a simulation of a large scale system based on and Amazon Web application style. |
DOI | 10.1145/2898375.2898401 |
Citation Key | node-25994 |
Attachment | Size |
---|---|
bytes |