Exclusive Content:

Haiper steps out of stealth mode, secures $13.8 million seed funding for video-generative AI

Haiper Emerges from Stealth Mode with $13.8 Million Seed...

VOXI UK Launches First AI Chatbot to Support Customers

VOXI Launches AI Chatbot to Revolutionize Customer Services in...

Microsoft launches new AI tool to assist finance teams with generative tasks

Microsoft Launches AI Copilot for Finance Teams in Microsoft...

Identifying Anomalies Efficiently with SMART Technology (Part Three)

Understanding the Prior and Posterior in Bayesian Inference for Anomalous User Behavior Detection

Today, I want to dive deeper into the technical details of how we calculate the values of \(\alpha_{prior}\) and \(\beta_{prior}\) in our Bayesian inference model at Fortscale. In my previous posts, I explained how we use these values to incorporate prior knowledge and prevent false alerts for users who have never acted anomalously.

The prior is a crucial component of Bayesian inference as it allows us to incorporate our prior knowledge when calculating probabilities. In our case, it helps us address the challenge of users with a history of zero SMART values triggering alerts for any positive value. By setting the right values for \(\alpha_{prior}\) and \(\beta_{prior}\), we can strike a balance between incorporating organizational knowledge and giving weight to the user’s actual data.

To determine the values of \(\alpha_{prior}\) and \(\beta_{prior}\), we need to consider the organization’s overall level of anomalous activities. If there are many anomalous activities, the analyst’s interest threshold is higher. We can simulate this effect using the prior by setting \(\alpha_{prior}\) to the number of SMART values in the organization and \(\beta_{prior}\) to their sum. This way, the prior represents the knowledge of the amount of anomalous activities in the organization.

However, setting \(\alpha_{prior}\) too high can make the prior too influential, leading to the user’s data having minimal impact on the calculated probability. To address this, we experimented with real-life data and found that setting \(\alpha_{prior}\) to a reasonable small number, such as 20, while updating \(\beta_{prior}\) to be \(\alpha_{prior}\) times the average of the organization’s SMART values, strikes the right balance.

Choosing a smaller \(\alpha_{prior}\) reduces the prior’s influence, allowing the user’s data to affect their threshold while still taking into account the organization’s level of anomalous activities. The variance of the prior also increases, allowing for some uncertainty in the expected value. This balance between the organization’s knowledge and the user’s data is crucial in personalizing the threshold and reducing false alerts.

In conclusion, calculating the values of \(\alpha_{prior}\) and \(\beta_{prior}\) in our Bayesian inference model requires careful consideration of the organization’s level of anomalous activities and the desired influence of the user’s data. By striking the right balance, we can effectively detect and prevent insider threats while minimizing false alerts and maintaining personalized thresholds.

Latest

Comprehending the Receptive Field of Deep Convolutional Networks

Exploring the Receptive Field of Deep Convolutional Networks: From...

Using Amazon Bedrock, Planview Creates a Scalable AI Assistant for Portfolio and Project Management

Revolutionizing Project Management with AI: Planview's Multi-Agent Architecture on...

Boost your Large-Scale Machine Learning Models with RAG on AWS Glue powered by Apache Spark

Building a Scalable Retrieval Augmented Generation (RAG) Data Pipeline...

YOLOv11: Advancing Real-Time Object Detection to the Next Level

Unveiling YOLOv11: The Next Frontier in Real-Time Object Detection The...

Don't miss

Haiper steps out of stealth mode, secures $13.8 million seed funding for video-generative AI

Haiper Emerges from Stealth Mode with $13.8 Million Seed...

VOXI UK Launches First AI Chatbot to Support Customers

VOXI Launches AI Chatbot to Revolutionize Customer Services in...

Microsoft launches new AI tool to assist finance teams with generative tasks

Microsoft Launches AI Copilot for Finance Teams in Microsoft...

Investing in digital infrastructure key to realizing generative AI’s potential for driving economic growth | articles

Challenges Hindering the Widescale Deployment of Generative AI: Legal,...

Using Amazon Bedrock, Planview Creates a Scalable AI Assistant for Portfolio...

Revolutionizing Project Management with AI: Planview's Multi-Agent Architecture on Amazon Bedrock Businesses today face numerous challenges in managing intricate projects and programs, deriving valuable insights...

YOLOv11: Advancing Real-Time Object Detection to the Next Level

Unveiling YOLOv11: The Next Frontier in Real-Time Object Detection The YOLO (You Only Look Once) series has been a game-changer in the field of object...

New visual designer for Amazon SageMaker Pipelines automates fine-tuning of Llama...

Creating an End-to-End Workflow with the Visual Designer for Amazon SageMaker Pipelines: A Step-by-Step Guide Are you looking to streamline your generative AI workflow from...