Chrome Extension
WeChat Mini Program
Use on ChatGLM

Detection of Anomaly User Behaviors Based on Deep Neural Networks

International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)(2021)CCF C

Natl Univ Def Technol | Soochow Univ | Shaoxing Univ

Cited 0|Views15
Abstract
In order to predict the user's anomaly operation behaviors, we perform deep learning modeling on the user's UNIX command line operation sequence. The use of deep neural networks in anomaly detection is to build a model through the training set, enabling the model to predict the user's next action or command based on the given first $n$ actions or commands. The network trains the command set commonly used by users. After a period, the network can match the real commands according to the existing user characteristic files in the network, and any mismatched events or commands are regarded as anomalies. The detection of anomaly user behaviors is an imbalanced classification problem. To address imbalanced classification problem, we propose an imbalanced self-paced sampling method to improve the efficiency of anomaly user behavior detection. The results show that the DNNs model can usually find anomaly user behaviors that are not easily detectable by other models in anomaly detection.
More
Translated text
Key words
Behavior analysis,deep learning,imbalanced self-paced sampling
求助PDF
上传PDF
Bibtex
AI Read Science
AI Summary
AI Summary is the key point extracted automatically understanding the full text of the paper, including the background, methods, results, conclusions, icons and other key content, so that you can get the outline of the paper at a glance.
Example
Background
Key content
Introduction
Methods
Results
Related work
Fund
Key content
  • Pretraining has recently greatly promoted the development of natural language processing (NLP)
  • We show that M6 outperforms the baselines in multimodal downstream tasks, and the large M6 with 10 parameters can reach a better performance
  • We propose a method called M6 that is able to process information of multiple modalities and perform both single-modal and cross-modal understanding and generation
  • The model is scaled to large model with 10 billion parameters with sophisticated deployment, and the 10 -parameter M6-large is the largest pretrained model in Chinese
  • Experimental results show that our proposed M6 outperforms the baseline in a number of downstream tasks concerning both single modality and multiple modalities We will continue the pretraining of extremely large models by increasing data to explore the limit of its performance
Upload PDF to Generate Summary
Must-Reading Tree
Example
Generate MRT to find the research sequence of this paper
Data Disclaimer
The page data are from open Internet sources, cooperative publishers and automatic analysis results through AI technology. We do not make any commitments and guarantees for the validity, accuracy, correctness, reliability, completeness and timeliness of the page data. If you have any questions, please contact us by email: report@aminer.cn
Chat Paper

要点】:本文提出了一种跨平台的完整系统模拟动态污点分析框架FDTAF,用于IoT固件的安全分析,解决了现有工具性能下降、通用性不足和仅限于用户模式的问题,创新地结合了QEMU层的VMI和比特级污点传播技术,并提供了分析工具以提高动态污点分析在IoT设备分析中的可用性。

方法】:FDTAF框架通过结合QEMU层的TCG层和VMI技术实现了跨平台的完整系统模拟,并在C++、C和Python语言中分别编写了1680行、9490行和320行代码。

实验】:研究对比了FDTAF和DECAF在固件分析适用性上的性能,并通过使用真实世界的漏洞验证了分析框架的实用性,实验结果显示FDTAF在性能和适用性上均有显著提升。