Biblio
We present an effective machine learning method for malicious activity detection in enterprise security logs. Our method involves feature engineering, or generating new features by applying operators on features of the raw data. We generate DNF formulas from raw features, extract Boolean functions from them, and leverage Fourier analysis to generate new parity features and rank them based on their highest Fourier coefficients. We demonstrate on real enterprise data sets that the engineered features enhance the performance of a wide range of classifiers and clustering algorithms. As compared to classification of raw data features, the engineered features achieve up to 50.6% improvement in malicious recall, while sacrificing no more than 0.47% in accuracy. We also observe better isolation of malicious clusters when performing clustering on engineered features. In general, a small number of engineered features achieve higher performance than raw data features according to our metrics of interest. Our feature engineering method also retains interpretability, an important consideration in cyber security applications.
Through-wall sensing of hidden objects is a topic that is receiving wide interest in several application contexts, especially in the field of security. The success of the object retrieval relies on accurate scattering models as well as on reliable inversion algorithms. In this paper, a contribution to the modeling of direct scattering for Through-Wall Imaging applications is given. The approach deals with hidden scatterers that are circular cross-section metallic cylinders placed below a dielectric layer, and it is based on an analytical-numerical technique implementing the Cylindrical Wave Approach. As the burial medium of the scatterers may be a dielectric of arbitrary permittivity, general problems of scattering by hidden objects may be considered. When the burial medium is filled with air, the technique can simulate objects concealed in a building interior. Otherwise, simulation of geophysical problems of targets buried in a layered soil can be performed. Numerical results of practical cases are reported in the paper, showing the potentialities of the technique for its use in inversion algorithms.