Anomalies are rare observations (eg, data records or events) that deviate significantly from
the others in the sample. Over the past few decades, research on anomaly mining has …

Outliers are also referred to as abnormalities, discordants, deviants, or anomalies in the data
mining and statistics literature. In most applications, the data is created by one or more …

Industry devices (ie, entities) such as server machines, spacecrafts, engines, etc., are
typically monitored with multivariate time series, whose anomaly detection is critical for an …

In this paper, we present HOLMES, a system that implements a new approach to the
detection of Advanced and Persistent Threats (APTs). HOLMES is inspired by several case …

Provenance graphs are structured audit logs that describe the history of a system's
execution. Recent studies have explored a variety of techniques to analyze provenance …

Outlier detection is an important topic in machine learning and has been used in a wide
range of applications. In this paper, we approach outlier detection as a binary-classification …

Advanced Persistent Threats (APTs) are difficult to detect due to their" low-and-slow" attack
patterns and frequent use of zero-day exploits. We present UNICORN, an anomaly-based …

Massive and dynamic networks arise in many practical applications such as social media,
security and public health. Given an evolutionary network, it is crucial to detect structural …

As an important technique for data pre-processing, outlier detection plays a crucial role in
various real applications and has gained substantial attention, especially in medical fields …

Conventional attacks of insider employees and emerging APT are both major threats for the
organizational information system. Existing detections mainly concentrate on users' behavior …