Anomaly Detection as a Service : Challenges, Advances, and Opportunities / by Danfeng (Daphne) Yao, Xiaokui Shu, Long Cheng, Salvatore J. Stolfo.

Format:

Book

Author/Creator:

Yao, Danfeng (Daphne)., Author.

Shu, Xiaokui., Author.

Cheng, Long., Author.

Stolfo, Salvatore J., Author.

Series:

Synthesis Lectures on Information Security, Privacy, and Trust, 1945-9750

Language:

English

Subjects (All):

Data protection.

Data and Information Security.

Local Subjects:

Data and Information Security.

Physical Description:

1 online resource (XV, 157 p.)

Edition:

1st ed. 2018.

Place of Publication:

Cham : Springer International Publishing : Imprint: Springer, 2018.

System Details:

Mode of access: World Wide Web.

Summary:

Anomaly detection has been a long-standing security approach with versatile applications, ranging from securing server programs in critical environments, to detecting insider threats in enterprises, to anti-abuse detection for online social networks. Despite the seemingly diverse application domains, anomaly detection solutions share similar technical challenges, such as how to accurately recognize various normal patterns, how to reduce false alarms, how to adapt to concept drifts, and how to minimize performance impact. They also share similar detection approaches and evaluation methods, such as feature extraction, dimension reduction, and experimental evaluation. The main purpose of this book is to help advance the real-world adoption and deployment anomaly detection technologies, by systematizing the body of existing knowledge on anomaly detection. This book is focused on data-driven anomaly detection for software, systems, and networks against advanced exploits and attacks, but also touches on a number of applications, including fraud detection and insider threats. We explain the key technical components in anomaly detection workflows, give in-depth description of the state-of-the-art data-driven anomaly-based security solutions, and more importantly, point out promising new research directions. This book emphasizes on the need and challenges for deploying service-oriented anomaly detection in practice, where clients can outsource the detection to dedicated security providers and enjoy the protection without tending to the intricate details.

Contents:

Preface

Acknowledgments

Introduction

Threat Models

Local vs. Global Program Anomaly Detection

Program Analysis in Data-driven Anomaly Detection

Anomaly Detection in Cyber-Physical Systems

Anomaly Detection on Network Traffic

Automation and Evaluation for Anomaly Detection Deployment

Anomaly Detection from the Industry's Perspective

Exciting New Problems and Opportunities

Bibliography

Authors' Biographies

Index.

Notes:

Includes bibliographical references and index.

ISBN:

9783031023545

3031023544