Abstract
The current increase in cybercrime is demanding more effective and efficient data exploration and analysis solutions that can help analysts to detect cyberattacks. However, the huge amount of data generated continuously confronts a number of technological difficulties and classical algorithms must be often redesigned to be able to deal with this seemingly endless stream of information coming from past activity logs and real-time data. In this paper, we propose a novel methodology able to identify security threats in activity logs. The contribution of the paper is twofold: we propose an encoding technique, based on prime numbers, that can be used to represent in a compact way a set of activities, we then describe an outlier detection algorithm which, based on the encoded activities, is able to detect malicious behavior. The extensive experimental analysis proved the effectiveness of the proposed methodology.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
