GB2445142A - Anomalous behaviour detection system - Google Patents

Anomalous behaviour detection system Download PDF

Info

Publication number
GB2445142A
GB2445142A GB0808625A GB0808625A GB2445142A GB 2445142 A GB2445142 A GB 2445142A GB 0808625 A GB0808625 A GB 0808625A GB 0808625 A GB0808625 A GB 0808625A GB 2445142 A GB2445142 A GB 2445142A
Authority
GB
United Kingdom
Prior art keywords
detection system
anomalous
anomalous behaviour
behaviour detection
data records
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0808625A
Other versions
GB0808625D0 (en
Inventor
Mark Girolami
Iain Ross Drummond
Ian D Hall
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Memex Technology Ltd
Original Assignee
Memex Technology Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Memex Technology Ltd filed Critical Memex Technology Ltd
Publication of GB0808625D0 publication Critical patent/GB0808625D0/en
Publication of GB2445142A publication Critical patent/GB2445142A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0604Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/16Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M15/00Arrangements for metering, time-control or time indication ; Metering, charging or billing arrangements for voice wireline or wireless communications, e.g. VoIP
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M15/00Arrangements for metering, time-control or time indication ; Metering, charging or billing arrangements for voice wireline or wireless communications, e.g. VoIP
    • H04M15/41Billing record details, i.e. parameters, identifiers, structure of call data record [CDR]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M15/00Arrangements for metering, time-control or time indication ; Metering, charging or billing arrangements for voice wireline or wireless communications, e.g. VoIP
    • H04M15/47Fraud detection or prevention means
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M15/00Arrangements for metering, time-control or time indication ; Metering, charging or billing arrangements for voice wireline or wireless communications, e.g. VoIP
    • H04M15/70Administration or customization aspects; Counter-checking correct charges
    • H04M15/74Backing up
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M3/00Automatic or semi-automatic exchanges
    • H04M3/22Arrangements for supervision, monitoring or testing
    • H04M3/2281Call monitoring, e.g. for law enforcement purposes; Call tracing; Detection or prevention of malicious calls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M3/00Automatic or semi-automatic exchanges
    • H04M3/42Systems providing special services or facilities to subscribers
    • H04M3/4228Systems providing special services or facilities to subscribers in networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04QSELECTING
    • H04Q3/00Selecting arrangements
    • H04Q3/0016Arrangements providing connection between exchanges
    • H04Q3/0062Provisions for network management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2203/00Aspects of automatic or semi-automatic exchanges
    • H04M2203/60Aspects of automatic or semi-automatic exchanges related to security aspects in telephonic communication systems
    • H04M2203/6027Fraud preventions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2215/00Metering arrangements; Time controlling arrangements; Time indicating arrangements
    • H04M2215/01Details of billing arrangements
    • H04M2215/0148Fraud detection or prevention means
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2215/00Metering arrangements; Time controlling arrangements; Time indicating arrangements
    • H04M2215/01Details of billing arrangements
    • H04M2215/0164Billing record, e.g. Call Data Record [CDR], Toll Ticket[TT], Automatic Message Accounting [AMA], Call Line Identifier [CLI], details, i.e. parameters, identifiers, structure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2215/00Metering arrangements; Time controlling arrangements; Time indicating arrangements
    • H04M2215/70Administration aspects, modify settings or limits or counter-check correct charges
    • H04M2215/709Backup

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Technology Law (AREA)
  • Computer Security & Cryptography (AREA)
  • Artificial Intelligence (AREA)
  • Software Systems (AREA)
  • Evolutionary Computation (AREA)
  • Biophysics (AREA)
  • Economics (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Mathematical Physics (AREA)
  • Data Mining & Analysis (AREA)
  • Computational Linguistics (AREA)
  • Biomedical Technology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Marketing (AREA)
  • Health & Medical Sciences (AREA)
  • Accounting & Taxation (AREA)
  • Development Economics (AREA)
  • Molecular Biology (AREA)
  • Finance (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Telephonic Communication Services (AREA)
  • Remote Monitoring And Control Of Power-Distribution Networks (AREA)

Abstract

A method and system for detecting anomalous behavior is disclosed comprising the steps of: generating a non-anomalous profile of a plurality of data records calculating a first probability that one or more new data records belong to the non-anomalous profile; calculating a likelihood value, based on the first probability, that the one or more new data records do not belong to the non-anomalous profile.
GB0808625A 2005-10-13 2006-09-21 Anomalous behaviour detection system Withdrawn GB2445142A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0520789A GB2431255A (en) 2005-10-13 2005-10-13 Anomalous behaviour detection system
PCT/GB2006/050299 WO2007042837A1 (en) 2005-10-13 2006-09-21 Anomalous behaviour detection system

Publications (2)

Publication Number Publication Date
GB0808625D0 GB0808625D0 (en) 2008-06-18
GB2445142A true GB2445142A (en) 2008-06-25

Family

ID=35451645

Family Applications (2)

Application Number Title Priority Date Filing Date
GB0520789A Pending GB2431255A (en) 2005-10-13 2005-10-13 Anomalous behaviour detection system
GB0808625A Withdrawn GB2445142A (en) 2005-10-13 2006-09-21 Anomalous behaviour detection system

Family Applications Before (1)

Application Number Title Priority Date Filing Date
GB0520789A Pending GB2431255A (en) 2005-10-13 2005-10-13 Anomalous behaviour detection system

Country Status (2)

Country Link
GB (2) GB2431255A (en)
WO (1) WO2007042837A1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2936670B1 (en) * 2008-09-30 2011-02-25 Alcatel Lucent DETECTION OF ABNORMARY BEHAVIORS OF MOBILE TERMINAL USERS IN A TELECOMMUNICATIONS NETWORK.
CN102567788A (en) * 2010-12-28 2012-07-11 中国移动通信集团重庆有限公司 Real-time identification system and real-time identification method for fraudulent practice in communication services
EP2973141A4 (en) * 2013-03-15 2016-10-26 Cyberricade Inc Cyber security
US9910882B2 (en) 2014-12-19 2018-03-06 International Business Machines Corporation Isolation anomaly quantification through heuristical pattern detection
US9922071B2 (en) 2014-12-19 2018-03-20 International Business Machines Corporation Isolation anomaly quantification through heuristical pattern detection

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2303275A (en) * 1995-07-13 1997-02-12 Northern Telecom Ltd Detecting mobile telephone misuse
GB2321362A (en) * 1997-01-21 1998-07-22 Northern Telecom Ltd Generic processing capability
US5790645A (en) * 1996-08-01 1998-08-04 Nynex Science & Technology, Inc. Automatic design of fraud detection systems
US20040111305A1 (en) * 1995-04-21 2004-06-10 Worldcom, Inc. System and method for detecting and managing fraud

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5375244A (en) * 1992-05-29 1994-12-20 At&T Corp. System and method for granting access to a resource
EP1589716A1 (en) * 2004-04-20 2005-10-26 Ecole Polytechnique Fédérale de Lausanne (EPFL) Method of detecting anomalous behaviour in a computer network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040111305A1 (en) * 1995-04-21 2004-06-10 Worldcom, Inc. System and method for detecting and managing fraud
GB2303275A (en) * 1995-07-13 1997-02-12 Northern Telecom Ltd Detecting mobile telephone misuse
US5790645A (en) * 1996-08-01 1998-08-04 Nynex Science & Technology, Inc. Automatic design of fraud detection systems
GB2321362A (en) * 1997-01-21 1998-07-22 Northern Telecom Ltd Generic processing capability

Also Published As

Publication number Publication date
WO2007042837A1 (en) 2007-04-19
GB0808625D0 (en) 2008-06-18
GB0520789D0 (en) 2005-11-23
GB2431255A (en) 2007-04-18

Similar Documents

Publication Publication Date Title
TW200717349A (en) An item monitoring system and methods of using an item monitoring system
TW200642446A (en) System, method and recording medium for user interface operations for ad-hoc sensor node tracking
WO2012018395A3 (en) System, method and program for detecting anomalous events in a utility network
TW200604889A (en) An item monitoring system and methods of using an item monitoring system
TW200627279A (en) A prioritization system
NO20073424L (en) A method for facilitating a wellbore operation
WO2008124566A3 (en) System and method for pain detection and computation of a pain quantification index
WO2007124416A3 (en) Backwards researching activity indicative of pestware
WO2009009284A3 (en) Behavioral predictions based on network activity locations
IN2009DN07226A (en)
BR0317286A (en) Content Management System
MX2015011901A (en) Systems and methods for disease associated human genomic variant analysis and reporting.
GB2445142A (en) Anomalous behaviour detection system
WO2003102764A3 (en) Behavior-based adaptation of computer systems
WO2011006140A3 (en) Predictive techniques in transit alerting
WO2010141270A3 (en) Systems and methods to summarize transaction data
WO2010021902A3 (en) Method and apparatus for multiple channel access and nav recovery
BRPI0816017A2 (en) geospatial modeling system and method.
GB2453908A (en) Methods and systems for identifying an ill-exposed image
WO2010014339A3 (en) Online health monitoring via multi-dimensional temporal data mining
WO2007011526A3 (en) System and memory for schedule quality assessment
IN2015CH05361A (en)
TW200713207A (en) Data recovery method and system for a data recording
WO2007137177A3 (en) Access point polling systems and methods
HK1096465A1 (en) defining nodes in device management system

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)