Lab Home | Phone | Search
Center for Nonlinear Studies  Center for Nonlinear Studies
 Home 
 People 
 Current 
 Executive Committee 
 Postdocs 
 Visitors 
 Students 
 Research 
 Publications 
 Conferences 
 Workshops 
 Sponsorship 
 Talks 
 Seminars 
 Postdoc Seminars Archive 
 Quantum Lunch 
 Quantum Lunch Archive 
 P/T Colloquia 
 Archive 
 Ulam Scholar 
 
 Postdoc Nominations 
 Student Requests 
 Student Program 
 Visitor Requests 
 Description 
 Past Visitors 
 Services 
 General 
 
 History of CNLS 
 
 Maps, Directions 
 CNLS Office 
 T-Division 
 LANL 
 
Wednesday, March 24, 2010
3:00 PM - 4:30 PM
CNLS Conference Room (TA-3, Bldg 1690)

Seminar

Statistical Anomaly Detection with Applications in Cybersecurity

Yannis Paschalidis
Boston University

Anomaly detection approaches can be broadly grouped into two classes: signature-based detection where known patterns of past anomalies are used to identify ongoing anomalies, and statistical anomaly detection which can accommodate substantial variability in the system activity being monitored and identifies (statistical) patterns that substantially deviate from the normal operation. Earlier work has showed that methods based on pattern matching can always be avoided by sophisticated adversaries, hence, our focus on statistical anomaly detection in this talk. I will describe a number of methods driven solely from a time-series of system activity data that characterize typical system behavior and identify periods of atypical activity. The latter task relies of identifying statistical deviations from typical activity relies on large deviations techniques we have developed. Our models of typical behavior include i.i.d. and Markovian models both in space and time. I will describe applications of our techniques in identifying (i) anomalies in Internet traffic and (ii) anomalies in sensor networks reflecting either routing disruptions or anomalies in the physical system being monitored.

Host: Frank Alexander