Spectral and Wavelet Coherence for Point Processes: A Tool for Cyber

Опубликовано 4 сентября 2018, 23:56

Computer networks can be represented by (marked) point processes communicating information between nodes. Developing methodologies for finding and understanding correlations that exist between the point processes, particularly methods that can deal with inherent non-stationarity in the data, is therefore key to characterizing normal networks and hence spotting anomalous and potentially malicious behavior. Spectral methods in the stationary setting, and more recently time-frequency methods (e.g. wavelets) in the non-stationary setting, have proven to be extremely powerful tools for analyzing underlying structure in stochastic processes, however their use in point processes is still reasonably under-developed. They particularly have great potential for revealing periodic signaling (beaconing) that is typical of malicious behavior. Furthermore, they could be implemented in an extremely fast and computationally efficient way. In this talk, I will present some recent developments in spectral and wavelet methodology for point processes and discuss how they could have use in a cyber security setting.

See more at microsoft.com/en-us/research/v...