User Behavior Traffic Analysis Using a Simplified Memory-Prediction Framework

作     者：Rahmat Budiarto Ahmad A.Alqarni Mohammed YAlzahrani Muhammad Fermi Pasha Mohamed FazilMohamed Firdhous Deris Stiawan 

作者机构：College of Computer Science&ITAlbaha UniversityAlaqiq65779-7738Saudi Arabia Malaysia School of Information TechnologyMonash UniversityBandar Sunway47500Malaysia Department of Information TechnologyUniversity of MoratuwaMoratuwa10400Sri Lanka Faculty of Computer ScienceUniversitas SriwijayaIndralaya30662Indonesia 

出 版 物：《Computers, Materials & Continua》 (计算机、材料和连续体（英文）)

年 卷 期：2022年第70卷第2期

页      面：2679-2698页

核心收录：

学科分类：08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：This research was funded by Scientific Research Deanship Albaha University under the Grant Number:[24/1440] 

主　　题：Machine learning memory prediction framework insider attacks user behavior analytics 

摘      要：As nearly half of the incidents in enterprise security have been triggered by insiders,it is important to deploy a more intelligent defense system to assist enterprises in pinpointing and resolving the incidents caused by insiders or malicious software(malware)in *** to do so may cause a serious loss of reputation as well as *** the same time,modern network traffic has dynamic patterns,high complexity,and large volumes that make it more difficult to detect malware *** ability to learn tasks sequentially is crucial to the development of artificial *** neurogenetic computation models with deep-learning techniques are able to detect complex patterns;however,the models have limitations,including catastrophic forgetfulness,and require intensive computational *** defense systems using deep-learning models require more time to learn new traffic patterns,they cannot perform fully online(on-the-fly)***,an intelligent attack/malware detection system with on-the-fly learning capability is *** this paper,a memory-prediction framework was adopted,and a simplified single cell assembled sequential hierarchical memory(***)model instead of the hierarchical temporal memory(HTM)model is proposed to speed up learning convergence to achieve onthe-fly *** *** consists of a Single Neuronal Cell(SNC)model and a simplified Sequential Hierarchical Superset(SHS)*** *** implemented as the prediction engine of a user behavior analysis tool to detect insider attacks/*** experimental results show that the proposed memory model can predict users’traffic behavior with accuracy level ranging from 72%to 83%while performing on-the-fly learning.