2

I need to create a model which will find suspicious entries or anomalies in a network, whose characteristics or features are the asset_id, user_id, IP accessed from and time_stamp.

Which unsupervised anomaly detection algorithms or models should I use to solve this task?

nbro
Abishek

2 Answers

1

If you are OK to use Python, try novelty-detection with sklearn:

https://scikit-learn.org/stable/modules/outlier_detection.html

Vivek
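An added example, not part of the answer above: one way to apply an estimator from the linked scikit-learn page (`IsolationForest`) to rows of asset_id, user_id, IP and time_stamp. The sample log, the helper names and the choice to encode the IDs as per-user frequency ratios plus a cyclic hour of day are assumptions made for illustration.

```python
import math
from collections import Counter
from datetime import datetime, timedelta

import numpy as np
from sklearn.ensemble import IsolationForest


def build_events():
    """Constructed sample log: (asset_id, user_id, ip, time_stamp) rows."""
    habits = {"u1": ("srv-01", "10.0.0.11"), "u2": ("srv-02", "10.0.0.12"),
              "u3": ("db-03", "10.0.0.13")}
    start = datetime(2019, 3, 1)
    events = []
    for day in range(20):
        for user, (asset, ip) in habits.items():
            for hour in (9, 11, 14, 16):
                ts = start + timedelta(days=day, hours=hour)
                events.append((asset, user, ip, ts.isoformat()))
    # Constructed anomaly: u1 reaches u3's asset from a new IP at 03:00.
    events.append(("db-03", "u1", "203.0.113.7", "2019-03-21T03:00:00"))
    return events


def featurize(events):
    """Turn IDs into 'how usual is this for the user' ratios plus cyclic hour."""
    per_user = Counter(u for _, u, _, _ in events)
    user_asset = Counter((u, a) for a, u, _, _ in events)
    user_ip = Counter((u, ip) for _, u, ip, _ in events)
    rows = []
    for asset, user, ip, ts in events:
        angle = 2 * math.pi * datetime.fromisoformat(ts).hour / 24
        rows.append([user_asset[(user, asset)] / per_user[user],
                     user_ip[(user, ip)] / per_user[user],
                     math.sin(angle), math.cos(angle)])
    return np.array(rows)


def rank_anomalies(events, top=3):
    """Return the `top` events with the lowest IsolationForest scores."""
    X = featurize(events)
    model = IsolationForest(n_estimators=200, random_state=0).fit(X)
    scores = model.score_samples(X)  # lower = more anomalous
    order = np.argsort(scores)[:top]
    return [(events[i], float(scores[i])) for i in order]


if __name__ == "__main__":
    for event, score in rank_anomalies(build_events()):
        print(f"{score:.3f}  {event}")
```

Raw IDs and IP strings carry no numeric meaning, so the model is fed how usual each asset and IP is for the user rather than the identifiers themselves.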
1

Hierarchical Temporal Memory is a model well suited for anomaly detection. It is also pretty interesting and different from currently typical Deep Learning models.

BlindKungFuMaster
  • I would add the detail that HTM-based algorithms are better suited for cases where you expect a stream of data (i.e. you want to continuously learn and detect anomalies online). – nbro Mar 14 '19 at 10:44