Ben Priest

Learn More
We present the GOSMR architecture, a modular agent architecture designed to actuate web browsers and other network applications, and demonstrate the importance of modeling how users think about the past and future in accurately modeling network traffic. The architecture separates the hierarchical generation of goals and incentives (Behaviors) from(More)
We present a methodology for promoting situational awareness of an enterprise network using only network artifacts discernible from network protocol logs. We utilized latent Dirichlet allocation (LDA) over two corpora, the first composed of search queries and the second composed of external domain names issued by enterprise users through the network proxy(More)
Enterprise computer networks are filled with users performing a variety of tasks, ranging from business-critical tasks to personal interest browsing. Due to this multi-modal distribution of behaviors, it is non-trivial to automatically discern which behaviors are business-relevant and which are not. Additionally, it is difficult to infer communities of(More)
We present a method for detecting when a user's remote access account has been compromised in such a way that an attacker model can be learned during operations. A Naive Bayes model is built for each user that stores the likelihood for each remote session based on a variety of features available in the access logs. During operation, we leverage Expectation(More)
We demonstrate that psychological models of utility discounting can explain the pattern of increased hits to weather websites in the days preceding a predicted weather disaster. We parsed the HTTP request lines issued by the web proxy for a mid-sized enterprise leading up to a hurricane, filtering for visits to weather-oriented websites. We fit four(More)
  • 1