We need to predict logins on holidays with higher activity levels as potential anomalies. We can build a simple machine learning model using ACL. This model will classify logins on holidays with higher activity levels as “Abnormal” and logins on working days as “Normal”. We will first train the model with a sample dataset, then apply the model to predict anomalies on given data.
Step 1: Preprocessing Data
We need to transform the data appropriately for modeling, using the binary target to indicate normal and abnormal login patterns based on the type of day and activity.
-
“Normal” (0) for Working days
-
“Abnormal” (1) for Holidays with more login counts.
Step 2: Training the Model
Use the TRAIN command to train a model. This example assumes you have a binary classifier to predict the Login_Type.
Step 3: Applying the Model to New Data
After training, use the PREDICT command to apply the trained model to new or unseen dataset 2024 to classify the logins.
The model has been applied to the new dataset, and here are the predictions for each entry, classifying the login activity as either normal (0) or abnormal (1)
Step 4: Observations:
The model classified holidays as “Normal” except those showing higher activity levels as “Abnormal”. By this classification, auditors can quickly identify potential security risks. This model provides a basic framework and can be expanded with more features and more sophisticated algorithms for better accuracy.
Conclusion:
This classification helps auditors quickly identify potentially risky login activities, providing a straightforward method to focus on anomalous events that could indicate unauthorized access or other security concerns. This example illustrates a basic use of regression for anomaly detection in IT audit context. For real-world applications, you might consider incorporating more features and using more complex models for improved accuracy and robustness.
𝐅𝐨𝐫 𝐦𝐨𝐫𝐞 𝐢𝐧𝐟𝐨𝐫𝐦𝐚𝐭𝐢𝐨𝐧, 𝐜𝐥𝐢𝐜𝐤 𝐡𝐞𝐫𝐞 𝐭𝐨 𝐫𝐞𝐚𝐝 𝐭𝐡𝐞 𝐭𝐚𝐛𝐥𝐞:
