One-Stop Anomaly Shop (OSAS) is a new open-source project from Adobe Security. OSAS is a security intelligence toolset for detecting anomalies.
Researchers can use OSAS to experiment with data sets, control how they are processed, and shorten the path to finding a solution for detecting security threats.
“Logs are not always straightforward. Security-related logs are even more heterogenous and verbose, often presenting a large feature-space due to the unbound nature of attribute values. Often when using machine learning (ML) algorithms and models this large feature-space can create an adverse effect known as data sparsity. This means that most supervised and unsupervised ML algorithms will struggle to find structure within the data and are likely to overfit and handle previously unseen examples poorly,” Chris Parkerson, marketing lead for the Adobe Corporate Security Team, wrote in a post.
OSAS uses a two-step approach to data processing that reduces that effect. First it consumes data and labels it using standard recipes for field types. Then, it uses those labels as input features for machine learning algorithms.
This automatic learning and tagging enables the tool to be used across a wide range of datasets and project, the company explained.
According to Adobe Security, it incorporates a lot of previous Adobe Security Intelligence Team research, white papers, and other open-source projects.
