№1, 2025
REAL-TIME ENDPOINT ANOMALY DETECTION USING ADAPTIVE STATISTICAL METHODS FOR BASELINE DEVIATIONS
Real-time anomaly detection is an important part of endpoint security and offers a promising alternative to traditional security and monitoring methods. This paper introduces a framework for real-time endpoint anomaly detection based on adaptive statistical methods and investigates six statistical methods and their effectiveness at detecting anomalies in three anomaly scenarios. The framework collects detailed telemetry across the major endpoint metric categories, such as CPU usage, network activity and disk operations, to establish a baseline of normal behaviour; deviations from this baseline are flagged as anomalies. The methods are tuned by hyperparameter optimization and evaluated with performance metrics such as F1-score, accuracy and precision. The study demonstrates the potential of statistical methods for scalable, interpretable and efficient anomaly detection in endpoint security (pp. 11-17).
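As an added illustration of the baseline-deviation idea the abstract describes (not code from the paper or its authors): a per-metric exponentially weighted mean/variance baseline with a z-score threshold, one of the simple statistical families such frameworks draw on, run over constructed CPU, network and disk telemetry with two injected spikes and scored with the metrics the abstract names. The smoothing weight alpha, threshold k, warm-up length, standard-deviation floor and all telemetry values are assumptions for the example.

```python
import math

class AdaptiveBaseline:
    """Per-metric EWMA mean/variance baseline (constructed example, not the paper's
    code). A sample is anomalous when any metric's z-score exceeds k; only in-band
    samples update the baseline, so a spike is not learned as 'normal'."""

    def __init__(self, alpha=0.1, k=3.0, warmup=20, min_std=1.0):
        self.alpha, self.k, self.warmup, self.min_std = alpha, k, warmup, min_std
        self.mean, self.var, self.n = {}, {}, 0

    def observe(self, sample):             # sample: {metric: value}; True if anomalous
        flagged = False
        for m, x in sample.items():
            self.mean.setdefault(m, x)     # first value seeds the baseline (z = 0)
            self.var.setdefault(m, 0.0)
            std = max(math.sqrt(self.var[m]), self.min_std)  # floor for flat metrics
            if self.n >= self.warmup and abs(x - self.mean[m]) / std > self.k:
                flagged = True             # deviation: do not move this baseline
                continue
            a, d = self.alpha, x - self.mean[m]
            self.mean[m] += a * d
            self.var[m] = (1 - a) * (self.var[m] + a * d * d)
        self.n += 1
        return flagged

def constructed_telemetry(n=70):
    """Periodic 'normal' CPU/net/disk readings with spikes injected at 40-42 and 50-51."""
    samples, truth = [], []
    for i in range(n):
        s = {"cpu": 20 + i % 5, "net": 100 + (i % 7) * 3, "disk": 50 + (i % 3) * 4}
        spike = {"cpu": 95} if 40 <= i <= 42 else {"net": 900} if 50 <= i <= 51 else {}
        s.update(spike)                    # constructed runaway process / outbound burst
        samples.append(s)
        truth.append(bool(spike))
    return samples, truth

def evaluate(pred, truth):
    """Precision, recall, F1 and accuracy of per-sample verdicts against labels."""
    tp = sum(p and t for p, t in zip(pred, truth))
    fp = sum(p and not t for p, t in zip(pred, truth))
    fn = sum(t and not p for p, t in zip(pred, truth))
    prec, rec = tp / max(tp + fp, 1), tp / max(tp + fn, 1)
    f1 = 2 * prec * rec / (prec + rec) if prec + rec else 0.0
    return {"precision": prec, "recall": rec, "f1": f1, "accuracy": 1 - (fp + fn) / len(pred)}

def run(alpha=0.1, k=3.0):                 # one point of the (alpha, k) tuning grid
    det, (samples, truth) = AdaptiveBaseline(alpha, k), constructed_telemetry()
    return evaluate([det.observe(s) for s in samples], truth)
```

Sweeping alpha and k through run() is the kind of hyperparameter search the abstract refers to. Holding a flagged sample out of the baseline keeps a sudden spike from being absorbed as normal, but a slow ramp that stays inside the band is still absorbed, which is the classic limitation of baseline methods.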