Tensors

Malware Antivirus Scan Pattern Mining via Tensor Decomposition

Accurate labeling is important for detecting malware and building reference datasets which can be used for evaluating machine learning (ML) based malware classification and clustering approaches. Labels obtained from Anti-Virus (AV) vendors (such as …

COVID-19 Multidimensional Kaggle Literature Organization

The unprecedented outbreak of Severe Acute Respiratory Syndrome Coronavirus-2 (SARS-CoV-2), or COVID-19, continues to be a significant worldwide problem. As a result, a surge of new COVID-19 related research has followed suit. The growing number of …

Random Forest of Tensors (RFoT)

Machine learning has become an invaluable tool in the fight against malware. Traditional supervised and unsupervised methods are not designed to capture the multi-dimensional details that are often present in cyber data. In contrast, tensor …

Multi-Dimensional Anomalous Entity Detection via Poisson Tensor Factorization

As the attack surfaces of large enterprise networks grow, anomaly detection systems based on statistical user behavior analysis play a crucial role in identifying malicious activities. Previous work has shown that link prediction algorithms based on …

Anomalous Event Detection using Non-Negative Poisson Tensor Factorization

Network intrusion detection systems that are based on statistical User Behaviour Analytics play a fundamental role in the identification of anomalous agents such as malicious insiders, misused accounts, and users with compromised credentials. To this end, there have been significant results in detecting anomalies from learned user behavior models via non-negative Poisson matrix factorization. We expand upon previous work in this project by exploiting the higher-dimensional and sparse problems created by the user authentication data. An integrated multidimensional anomaly scoring method based on tensors and Poisson recommender systems is proposed. In our experiments, we build a higher-order model that can detect the accounts compromised by the red team during penetration testing activities at a large organization.