计算机与数字工程2024,Vol.52Issue(3):757-760,785,5.DOI:10.3969/j.issn.1672-9722.2024.03.021
一种基于XGBoost的用户行为异常检测方法
An Anomaly Detection Method of User Behavior Based on XGBoost
王江立 1段蔚 1黄逸飞 2李鑫2
作者信息
- 1. 中国地质调查局武汉地质调查中心 武汉 430205
- 2. 武汉理工大学计算机与人工智能学院 武汉 430063
- 折叠
摘要
Abstract
With the continuous expansion and electronic development of enterprise business,the enterprise's own data and load data are being to explode.However,internal data,as one of the core assets of the enterprise,is facing increasingly serious se-curity threats.More and more non-obvious attacks,typically characterized by long cycles,low frequency,and strong concealment,bypass traditional security detection methods and cause damage to large amounts of data.According to the relationship between us-ers,entities and behaviors,it is proposed to integrate various data that can reflect user behavior baselines,extract several basic fea-tures that can best reflect user anomalies,and combine the feature selection strategy of XGBoost with the FCM clustering algorithm to score and locate a group of users with the greatest risk of abnormality.The results show that the newly proposed anomaly detection algorithm has an accuracy rate of over 82%and a recall rate of over 86%.关键词
XGBoost/FCM/用户行为/异常检测Key words
XGBoost/FCM/user behavior/anomaly detection分类
信息技术与安全科学引用本文复制引用
王江立,段蔚,黄逸飞,李鑫..一种基于XGBoost的用户行为异常检测方法[J].计算机与数字工程,2024,52(3):757-760,785,5.
