User Selection of Clusters and Classifiers in Behavior Based Access Control. BBAC uses statistical machine learning techniques (clustering and classification) to make predictions about the intent of actors establishing TCP connections and HTTP requests.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
BBAC uses statistical machine learning techniques (clustering and classification) to make predictions about the intent of actors establishing TCP connections and HTTP requests.
We are currently trying to answer the following questions:
How to group similar behaviors?
How to detect suspicious behavior?
How to correct false positives?
How do administrators assign new actors to a behavioral group?
How to alert the administrator of suspicious behavior?
How do administrators select classifiers / set policy?
This work was sponsored by the Air Force Research Laboratory (AFRL). DISTRIBUTION A: Approved for public release; distribution unlimited (Case Number 88ABW-2013-1041)
New Training / Clustering Data
Data Streams in
Suspicious clustering changes
Assigning new machines to cluster