Memory Prediction on Real-Time User Behavior Traffic Detection

Rahmat Budiarto

Abstract


Human brain is a learning system. Human have to learn by getting exposed to something. This capability of learning system to recognize new patterns is called generalization. The abilities of human brain to perform generalization are yet to be matched by neural network or even by any of artificial intelligence algorithm in general. Thus, the need for new machine intelligence approach is imperative. Neural network is designed to take advantages of the speed of computers to solve engineering and computational complex problems intelligently. On the other hand, human brain is somewhat not computationally powerful. Human brain is not even able to calculate quadratic problems within milliseconds. Instead, it uses its vast amounts of memory to store everything human know and have learned. According to a modern neuroscience theory named memory-prediction framework, introduced by Hawkins and Blakeslee in 2005, human brain uses this memory-based model to make continuous predictions of future events. Therefore, a hybrid approach that possesses the ability to compute like neural network and at the same time think like human brain will shed some light in the advancement of machine learning research as well as the development of a truly intelligent machine. This talk discusses the memory-prediction framework and proposes simplified single cell assembled sequential hierarchical memory (s-SCASHM) model instead of hierarchical temporal memory (HTM) in order to speed up the learning convergence. s-SCASHM consists of single neuronal cell (SNC) model and simplified sequential hierarchical superset (SHS) platform. The SHS platform is designed by simplifying to have a region with four rows columnar architecture instead of having six rows per region as in human neocortex. Then, the s-SCASHM is implemented as the prediction engine of user behavior analysis tool to detect insider attacks/anomalies. As nearly half of incidents in enterprise security triggered by the Insider, it is important to deploy more intelligent defense system to assist the enterprise be able to pinpoint and resolve any incidents caused by the Insider or malicious software (malware). The attacks evolve; however, current detection systems that use the deep learning techniques cannot perform online (on-the-fly) learning. Thus, an intelligent detection system with on-the-fly learning capability is required. Experimental results show that the proposed memory model is able to predict user behavior traffic with significant level of accuracy and performs on-the-fly learning.

Keywords


Traffic Detection; Simplified single cell assembled sequential hierarchical mem; Real-Time User Behavior

Full Text: PDF

Refbacks

  • There are currently no refbacks.