Experiences and Challenges in Enhancing Security Information and Event Management Capability Using Unsupervised Anomaly Detection
TLDR
We analyze a comprehensive dataset of 15 million Windows security events from various perspectives using the k-nearest neighbor algorithm in a large-scale Microsoft Windows domain network.
Enhancing Security Event Management Systems with Unsupervised Anomaly Detection
TLDR
We present an enhancement of SIEM systems which makes use of unsupervised anomaly detection algorithms without the need for any prior training of the system.