Approach to Recognition of Malicious Behavior Based on Autoregression Model upon Investigation into Cyberincident.

Authors: Smirnov, S. I., Eremeev, M. A., Pribylov, I. A.
Source: Automatic Control & Computer Sciences; Dec2021, Vol. 55 Issue 8, p1099-1103, 5p
Abstract: An approach to recognition of malicious behavior based on analysis of the Security.evtx security log of Windows operating system upon investigation into a security incident is given. The use of an autoregression model is experimentally tested (Change Finder algorithm), from which the malicious activity of the users of the domain in the corporate network is revealed. [ABSTRACT FROM AUTHOR]
Database: Complementary Index