Anomaly Detection in argus Data

This solution will contain some ideas on how to perform anomaly detection in argus data.

I will rely heavily on the quantile (percentile point function) to find outliers, but will also consider weights.

The first post covers details of the questions I will be interested in answering.

The second post discusses setting up the environment for Python-driven analysis.

The third post will cover answering a set of specific questions targeting a specific example.

The fourth post will cover generating derivative data into a DB.

The fifth post will discuss integrating with other systems, such as writing an OSSIM plugin and considering Snort.

The sixth post will likely cover rendering the script(s?) as a daemonizable process that watches an argus DB contents and alerts.
