Information Prioritizing: Ranking Transactions to Detect Anomalies
Alfredo Cruz
| ||
Information Prioritizing: Ranking Transactions to Detect Anomalies | ||
| Published in: | Engineering for a Smarter Planet: Innovation, ITC, and Computational Tools for Sustainable Development: Proceedings of the 9th Latin American and Caribbean Conference for Engineering and Technology | |
| Date of Conference: | August 3-5, 2011 | |
| Location of Conference: | Medellin, Colombia | |
| Authors: | Jan Flores Alfredo Cruz | |
| Refereed Paper: | #141 | |
Abstract | ||
| This paper focuses on the problem of prioritizing information. More specifically, it deals with applying the concept of detectors to help detect anomalies within a collection of individual items. The motivation for this work is the development of a real-world application to prioritize a log of transactions. The application should aid system administrators in detecting unusual behavior patterns that may indicate potential security risks. We discuss information management concepts such as information retrieval, filtering and categorization, to distinguish them from information prioritizing. Then, we delve into information prioritization concepts, application development details and the analysis of experimental results. After analysis, it is concluded that equivalence classing and the independence surrogate are critical for the naïve detector to become ideally suited for identifying abnormal behavior patterns within a set of transactions. | ||