An Anomaly Detection Method of User Behavior Based on XGBoost
With the continuous expansion and electronic development of enterprise business,the enterprise's own data and load data are being to explode.However,internal data,as one of the core assets of the enterprise,is facing increasingly serious se-curity threats.More and more non-obvious attacks,typically characterized by long cycles,low frequency,and strong concealment,bypass traditional security detection methods and cause damage to large amounts of data.According to the relationship between us-ers,entities and behaviors,it is proposed to integrate various data that can reflect user behavior baselines,extract several basic fea-tures that can best reflect user anomalies,and combine the feature selection strategy of XGBoost with the FCM clustering algorithm to score and locate a group of users with the greatest risk of abnormality.The results show that the newly proposed anomaly detection algorithm has an accuracy rate of over 82%and a recall rate of over 86%.
国家科技期刊平台
NSTL
万方数据
