A Renewal Model of Intrusion

David Tolpin

Research output: Working paper/PreprintPreprint


We present a probabilistic model of an intrusion in a renewal process. Given a process and a sequence of events, an intrusion is a subsequence of events that is not produced by the process. Applications of the model are, for example, online payment fraud with the fraudster taking over a user's account and performing payments on the user's behalf, or unexpected equipment failures due to unintended use.
We adopt Bayesian approach to infer the probability of an intrusion in a sequence of events, a MAP subsequence of events constituting the intrusion, and the marginal probability of each event in a sequence to belong to the intrusion. We evaluate the model for intrusion detection on synthetic data and on anonymized data from an online payment system.
Original languageEnglish GB
StatePublished - 2017

Publication series

NamearXiv preprint arXiv:1709.08163


Dive into the research topics of 'A Renewal Model of Intrusion'. Together they form a unique fingerprint.

Cite this