A Renewal Model of Intrusion
This work addresses intrusion detection for applications like fraud prevention in online payments, but it appears incremental as it builds on existing probabilistic modeling approaches without claiming major breakthroughs.
The authors tackled the problem of detecting intrusions in renewal processes, such as online payment fraud or unexpected equipment failures, by developing a Bayesian model that infers intrusion probabilities and identifies the most likely intrusion subsequence. They evaluated the model on both synthetic data and anonymized data from an online payment system, though no concrete performance numbers were provided in the abstract.
We present a probabilistic model of an intrusion in a renewal process. Given a process and a sequence of events, an intrusion is a subsequence of events that is not produced by the process. Applications of the model are, for example, online payment fraud with the fraudster taking over a user's account and performing payments on the user's behalf, or unexpected equipment failures due to unintended use. We adopt Bayesian approach to infer the probability of an intrusion in a sequence of events, a MAP subsequence of events constituting the intrusion, and the marginal probability of each event in a sequence to belong to the intrusion. We evaluate the model for intrusion detection on synthetic data and on anonymized data from an online payment system.