scholarly journals Using Dirichlet Marked Hawkes Processes for Insider Threat Detection

2021 ◽  
Author(s):  
Panpan Zheng ◽  
Shuhan Yuan ◽  
Xintao Wu
Keyword(s):  
Real Time ◽  
Dirichlet Process ◽  
Significant Loss ◽  
Insider Threat ◽  
Threat Detection ◽  
Hawkes Process ◽  
Hawkes Processes ◽  
Recent Activity ◽  
Malicious Insiders ◽  
User Activities

Malicious insiders cause significant loss to organizations. Due to an extremely small number of malicious activities from insiders, insider threat is hard to detect. In this paper, we present a Dirichlet Marked Hawkes Process (DMHP) to detect malicious activities from insiders in real-time. DMHP combines the Dirichlet process and marked Hawkes processes to model the sequence of user activities. Dirichlet process is capable of detecting unbounded user modes (patterns) of infinite user activities, while for each detected user mode, one set of marked Hawkes processes is adopted to model user activities from time and activity type (e.g., WWW visit or send email) information so that different user modes are modeled by different sets of marked Hawkes processes. To achieve real-time malicious insider activity detection, the likelihood of the most recent activity calculated by DMHP is adopted as a score to measure the maliciousness of the activity. Since the majority of user activities are benign, those activities with low likelihoods are labeled as malicious activities. Experimental results on two datasets show the effectiveness of DMHP.

scholarly journals Detection of Mycobacterium avium Subspecies Paratuberculosis in Pooled Fecal Samples by Fecal Culture and Real-Time PCR in Relation to Bacterial Density

Animals ◽  
2021 ◽  
Vol 11 (6) ◽  
pp. 1605
Author(s):  
Annika Wichert ◽  
Esra Einax ◽  
Natalie Hahn ◽  
Anne Klassen ◽  
Karsten Donat
Keyword(s):  
Real Time ◽  
Mycobacterium Avium ◽  
Detection Probability ◽  
Mycobacterium Avium Subspecies Paratuberculosis ◽  
Positive Association ◽  
Significant Loss ◽  
Positive Sample ◽  
Bacterial Density ◽  
Fecal Samples ◽  
Real Time Quantitative Pcr

Within paratuberculosis control programs Mycobacterium avium subsp. paratuberculosis (MAP)-infected herds have to be detected with minimum effort but with sufficient reliability. We aimed to evaluate a combination of random sampling (RS) and pooling for the detection of MAP-infected herds, simulating repeated RS in imitated dairy herds (within-herd prevalence 1.0%, 2.0%, 4.3%). Each RS consisted of taking 80 out of 300 pretested fecal samples, and five or ten samples were repeatedly and randomly pooled. All pools containing at least one MAP-positive sample were analyzed by culture and real-time quantitative PCR (qPCR). The pool detection probability was 47.0% or 45.9% for pools of size 5 or 10 applying qPCR and slightly lower using culture. Combining these methods increased the pool detection probability. A positive association between bacterial density in pools and pool detection probability was identified by logistic regression. The herd-level detection probability ranged from 67.3% to 84.8% for pools of size 10 analyzed by both qPCR and culture. Pools of size 10 can be used without significant loss of sensitivity compared with pools of size 5. Analyzing randomly sampled and pooled fecal samples allows the detection of MAP-infected herds, but is not recommended for one-time testing in low prevalence herds.

A benchmark for visual analysis of insider threat detection

2021 ◽  
Vol 65 (9) ◽  
Author(s):  
Ying Zhao ◽  
Kui Yang ◽  
Siming Chen ◽  
Zhuo Zhang ◽  
Xin Huang ◽  
...  
Keyword(s):  
Visual Analysis ◽  
Insider Threat ◽  
Threat Detection

scholarly journals 0439 Nonlinear Dynamics Forecasting for Personalize Prognosis of Obstructive Sleep Apnea Onsets

SLEEP ◽  
2020 ◽  
Vol 43 (Supplement_1) ◽  
pp. A168-A169
Author(s):  
T Le
Keyword(s):  
Obstructive Sleep Apnea ◽  
Sleep Apnea ◽  
Real Time ◽  
Dirichlet Process ◽  
Clinical Symptoms ◽  
Risk Indicators ◽  
Dirichlet Process Mixture ◽  
Obstructive Sleep ◽  
Estimated Risk ◽  
Normal States

Abstract Introduction The emphasis on disease prevention, early detection, and preventive treatments will revolutionize the way sleep clinicians evaluate their patients. Obstructive Sleep Apnea (OSA) is one of the most prevalent sleep disorders with approximately 100 millions patients been diagnosed worldwide. The effectiveness of sleep disorder therapies can be enhanced by providing personalized and real-time prediction of OSA episode onsets. Previous attempts at OSA prediction are limited to capturing the nonlinear, nonstationary dynamics of the underlying physiological processes. Methods This paper reports an investigation into heart rate dynamics aiming to predict in real time the onsets of OSA episode before the clinical symptoms appear. The method includes (a) a representation of a transition state space network to characterize dynamic transition of apneic states (b) a Dirichlet-Process Mixture-Gaussian-Process prognostic method for estimating the distribution of the time estimate the remaining time until the onset of an impending OSA episode by considering the stochastic evolution of the normal states to an anomalous (apnea) Results The approach was tested using three datasets including (1) 20 records from 14 OSA subjects in benchmark ECG apnea databases (Physionet.org), (2) records of eight subjects from previous work. The average prediction accuracy (R2) is reported as 0.75%, with 87% of observations within the 95% confidence interval. Estimated risk indicators at 1 to 3 min till apnea onset are reported as 85.8 %, 80.2 %, and 75.5 %, respectively. Conclusion The present prognosis approach can be integrated with wearable devices to facilitate individualized treatments and timely prevention therapies. Support N/A

Sign in / Sign up

Export Citation Format

Share Document