Beginning Anomaly Detection Using Python-Based Deep Learning

Figure 8-12.  Mortgage loan fraud reporting trend

Chapter 8: Practical Use Cases of Anomaly Detection

Cybersecurity

Another use case for anomaly detection is in cybersecurity or networking. In fact, one of the very first use cases for anomaly detection was decades ago, when only statistical models were being used to try to detect intrusion attempts into networks. In the cybersecurity space, there are many things that can happen. One of the most prevalent attacks is a denial of service (DOS) attack. When a denial of service attack is launched against your company's website or portal so as to disrupt service to your customers, typically a large number of machines are mobilized to run simultaneous connections and random useless transactions against your portal (which is probably dealing with some kind of a payment service for customers). As a result, the portal isn't responsive to the customers, eventually leading to a very poor customer experience and a loss of business.

Anomaly detection can detect the anomalous activity since we're training the system on data that has been collected over a long period of time. This data is comprised of typical use behavior, patterns in payment, how many users are active, and how much the payment is at this particular time, as well as seasonal behaviors and other trends that exist for the payment portal. When a DOS attack is suddenly launched against your payment portal, it is very possible for your anomaly detection algorithm to detect such activity and quickly notify the infrastructure or operational teams, who can take corrective action such as setting up different firewall rules or better routing rules that attempt to block the anomalous or bad actors from launching the attack or prolonging the attack against the portal. Figure 8-13 is an example of anomaly monitoring of network flows.
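The seasonal-baseline idea in the paragraph above, as an added example that is not code from the book: it uses a per-hour median/MAD robust z-score (a simple statistical stand-in for the book's deep learning models) over per-minute connection counts. The traffic profile, thresholds and all sample values are constructed assumptions.

```python
import math
import random
import statistics
from collections import defaultdict

def build_baseline(history):
    """history: (hour_of_day, connections_per_minute) pairs -> {hour: (median, MAD)}."""
    by_hour = defaultdict(list)
    for hour, count in history:
        by_hour[hour].append(count)
    baseline = {}
    for hour, counts in by_hour.items():
        med = statistics.median(counts)
        mad = statistics.median(abs(c - med) for c in counts)
        baseline[hour] = (med, max(mad, 1.0))  # floor keeps flat hours from dividing by zero
    return baseline

def score(baseline, hour, count):
    """Robust z-score of one observation against that hour's own norm."""
    med, mad = baseline[hour]
    return 0.6745 * (count - med) / mad

def detect(baseline, stream, threshold=6.0, sustain=3):
    """Return start minutes of surges: `sustain` consecutive scores above threshold."""
    alerts, run = [], 0
    for minute, (hour, count) in enumerate(stream):
        run = run + 1 if score(baseline, hour, count) > threshold else 0
        if run == sustain:  # fire once per surge, not once per minute
            alerts.append(minute - sustain + 1)
    return alerts

# Constructed history: 28 days, 10 samples per hour, daily cycle ~50/min (03:00) to ~350/min (15:00).
rng = random.Random(8)
def typical(hour):
    return 200 + 150 * math.sin(2 * math.pi * (hour - 9) / 24)
HISTORY = [(h, round(rng.gauss(typical(h), 0.1 * typical(h))))
           for _ in range(28) for h in range(24) for _ in range(10)]
BASELINE = build_baseline(HISTORY)

# Constructed live traffic: a quiet night hit by a flood at minute 10, and an ordinary busy afternoon.
NIGHT_STREAM = [(3, c) for c in [48, 52, 50, 47, 53, 49, 51, 50, 46, 54, 300, 310, 305, 298, 302]]
DAY_STREAM = [(15, c) for c in [340, 362, 351, 300, 380, 345, 358, 349]]

if __name__ == "__main__":
    print("night alerts at minute:", detect(BASELINE, NIGHT_STREAM))
    print("day alerts at minute:", detect(BASELINE, DAY_STREAM))
```

About 300 connections per minute is unremarkable at 15:00 but far outside the norm at 03:00, which is why the baseline is kept per hour instead of using one global threshold.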

Another example is when hackers try to get into a system given that they were somehow able to set up a Trojan to get into the network in the first place. Typically, this process involves a lot of scanning, such as port or IP scanning, to see what machines exist in the network when the services are being run. The machines may be running SSH and telnet (which is easier to crack), and the hacker may try to launch several different types



