System and method of anomaly detection with categorical attributes

Bibliographic details
Main authors: Vacha Pavel, Guralnik Valerie, Libal Vit
Format: Patent
Language: eng
Description
Summary: A method and apparatus are provided where the method includes detecting a plurality of events related to the activities of users within a security system, wherein the events are defined by a plurality of attributes, wherein at least one attribute is categorical, and wherein a data distance between events is a function of event attributes, evaluating the detected events using a density based anomaly detection method f(r), where r is a size of a neighborhood around a data point, comparing a value of the evaluated expression with a margin threshold value (msg(r)), and setting an alarm upon detecting that the value exceeds the threshold value.