Software Engineering Institute

Improved Hunt Seeding with Specific Anomaly Scoring

January 8, 2019 • Presentation

By

Brenden Bishop (Columbus Collaboratory)

In this presentation, the attendees were presented with a flexible, open-source tool for non-parametrically modeling multivariate densities of network logs.

Publisher

Columbus Collaboratory

Subjects

Flocon

Abstract

In this presentation, Brenden Bishop presented attendees with a flexible, open-source tool for non-parametrically modeling multivariate densities of network logs. Once constructed, such models can be utilized to score the anomalousness of log records and facilitate directed hunting. More subtly, attendees gained insight into the potential benefits available through iteratively collaborating with statistical engineers/data scientists, such as the construction of highly customizable models for specific phenomena on specific networks.

Download PDF

Part of a Collection

FloCon 2019 Presentations

Ask a question about this Presentation

This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.