Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks - Microsoft Security
Our approach to time series anomaly detection is computationally efficient, and it automatically learns how to update its probabilities and adapt to changes in the data. As we describe in the next section, this approach has yielded successful attack detection at high precision. The proposed time series anomaly detection model was deployed and used by Microsoft Threat Experts to detect RDP brute force attacks during threat hunting activities. A list ranking machines across enterprises by lowest anomaly score is updated and reviewed every day; the anomaly score is the probability, under expected conditions, of observing values at least as large in all signals considered, so the lowest scores mark the machines whose activity is least consistent with their normal behavior. See Table 1 for an example.
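The ranking described above, as an added illustration that is not the model from this post: each daily signal for a machine is scored by the tail probability of observing a count at least as large under a Poisson baseline whose rate is learned online with an exponentially weighted moving average, the per-signal scores are multiplied (an independence assumption), and machines are listed from lowest score to highest. The signal names, the Poisson/EWMA choice, the rate floor, the machine names and every count are constructed for the example; Microsoft's deployed model is more elaborate than this.

```python
"""Rank machines by a joint tail-probability anomaly score over daily RDP signals.

Simplified stand-in for the post's time series model (constructed example):
Poisson baseline per signal, EWMA-updated rate, product of per-signal tails.
"""
import math
from typing import Dict, List, Tuple

# Signals considered per machine per day (assumed names, not the post's).
SIGNALS = ("failed_rdp_signins", "distinct_source_ips", "distinct_usernames")

ALPHA = 0.3      # EWMA weight: higher forgets old behaviour faster (assumption)
MIN_RATE = 0.5   # floor so an all-zero history cannot make any activity score 0


def learn_rate(history: List[int], alpha: float = ALPHA) -> float:
    """Expected daily count, updated one observation at a time (EWMA)."""
    rate = float(history[0])
    for x in history[1:]:
        rate = alpha * x + (1 - alpha) * rate
    return max(rate, MIN_RATE)


def poisson_tail(x: int, rate: float) -> float:
    """P(X >= x) for X ~ Poisson(rate): chance of a count at least as large as x."""
    if x <= 0:
        return 1.0
    term = math.exp(-rate)          # P(X = 0)
    cdf = term
    for k in range(1, x):           # accumulate P(X = 1) .. P(X = x - 1)
        term *= rate / k
        cdf += term
    return max(1.0 - cdf, 0.0)      # guard against rounding slightly above 1


def anomaly_score(history: Dict[str, List[int]], today: Dict[str, int]) -> float:
    """Joint tail probability across all signals; lower means more anomalous."""
    score = 1.0
    for signal in SIGNALS:
        score *= poisson_tail(today[signal], learn_rate(history[signal]))
    return score


def rank_machines(machines: Dict[str, Tuple[Dict[str, List[int]], Dict[str, int]]]
                  ) -> List[Tuple[str, float]]:
    """Daily review list: machines ordered from lowest (most anomalous) score upward."""
    ranked = [(name, anomaly_score(hist, today)) for name, (hist, today) in machines.items()]
    return sorted(ranked, key=lambda item: item[1])


# Constructed sample: seven days of history plus today's counts for three machines.
SAMPLE = {
    # Quiet server hit today by a password spray: many failures from one source.
    "SRV-FIN-01": (
        {"failed_rdp_signins": [3, 2, 4, 3, 2, 3, 4],
         "distinct_source_ips": [1, 1, 2, 1, 1, 1, 1],
         "distinct_usernames": [2, 2, 2, 3, 2, 2, 2]},
        {"failed_rdp_signins": 480, "distinct_source_ips": 1, "distinct_usernames": 120},
    ),
    # Quiet server behaving as usual.
    "SRV-WEB-02": (
        {"failed_rdp_signins": [0, 1, 0, 0, 1, 0, 0],
         "distinct_source_ips": [0, 0, 1, 0, 0, 0, 0],
         "distinct_usernames": [1, 1, 1, 1, 1, 1, 1]},
        {"failed_rdp_signins": 1, "distinct_source_ips": 1, "distinct_usernames": 1},
    ),
    # Noisy jump host: large counts every day, so today's counts are expected.
    "SRV-DEV-03": (
        {"failed_rdp_signins": [40, 45, 38, 50, 42, 47, 44],
         "distinct_source_ips": [5, 6, 5, 7, 6, 5, 6],
         "distinct_usernames": [8, 9, 8, 10, 9, 8, 9]},
        {"failed_rdp_signins": 46, "distinct_source_ips": 6, "distinct_usernames": 9},
    ),
}

if __name__ == "__main__":
    for name, score in rank_machines(SAMPLE):
        print(f"{name:12s} {score:.3e}")
```

The point of scoring against each machine's own learned rate is visible in the sample: the jump host with dozens of failures every day is not flagged, while the finance server whose usual handful of failures jumps to hundreds lands at the top of the list with a score near zero. The EWMA lets a legitimate change in usage (a machine that becomes a jump host) raise the baseline over a few days instead of generating alerts indefinitely.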
Dec-20-2019, 02:12:52 GMT