Detection of Anomalous Sequential User Behavior



I have a dataset containing a set of normal user sessions. Each session contains a suite of ordered user requests on N system resources {R1, ..., RN}.

enter image description here

I want to design a continuous authentication algorithm, by confirming the user identity at each request command. More precisely, I don’t to let the user complete the whole session (all commands sequence) to authenticate him, but I want to do this at each resource requested command based on his previous normal sequences in the dataset.

How can I build a model over normal sequences to detect anomalous ones in Resource-by-Resource fashion ?

I found a lot of key concepts (Sequential Pattern Mining, Sequence Anomaly Detection, …), but I am completely confused about these concepts

I would like to know how to begin and which ML algorithm(s) I should use.

Houcine Amraoui

Posted 2018-05-04T20:23:37.040

Reputation: 111

No answers