thatDot Novelty Detector, a new patented technology, uses categorical variables to accelerate the detection of malicious activity in real time, with fewer false positives and less operator involvement.
Traditional detection of abnormal network activity relies on numerical data and statistical analysis rather than categorical data. These methods do not work because of the high dimensionality of the data, and they create a huge number of false positives. Malicious activity remains undetected or is detected too late.
Novelty Detector evaluates the novelty level of streaming data in real time, immediately after it is received. Using previous data and the power of graphical models, Novelty Detector significantly reduces the number of false positives while scaling up to millions of events per second.
“Categorical data at scale is the future of network monitoring. Novelty Detector gives an organization a real-time assessment of the level of novelty and an explanation using a ‘fingerprint’ of a malicious program, allowing the researcher not to get annoyed and tired of a huge number of false positives,” said the scientists.
Also, the public version of Novelty Detector includes a new self-learning feature. The system receives data, calibrates and trains itself, and then evaluates each piece of data in real time for anomalies. Thanks to the new feature, malware and the threat of identity theft are detected automatically.
“Novelty Detector is a great combination of easy-to-use graphical software AI for detecting network anomalies. We upload data to the system, and it tells us when there is enough information to get started. I wish all machine learning systems were that simple,” said TraceRiser CEO Geri Shlobodnik.