Gurucul offers machine learning models to address many cyber security scenarios. Up next is…
How does the Identity Classification machine learning model work, what does it do? Identity Classification is a supervised learning approach that learns from the data input given to it. Then uses this learning to classify new observations. Applied to identities, it sorts identities with similar attributes into buckets. Once this sorting is done, it’s possible to compare baselines and evaluate similar or different behaviors to discover anomalous activity for relevant identities.
Within Gurucul Risk Analytics, the Identity Classification model used by Identity Analytics examines roles, activities and what data users can access, and then applies different risk scoring algorithms and probabilistic methods to determine anomalous activity by role.
Let’s use a real world use case: Wage Garnishment. A client gave us their VOIP data and various types of employee data from their HR systems. This included wage garnishment data, travel records and data classification details. Any U. S. employee who’s under wage garnishment cannot legally talk to people from China, Russia, Nigeria, or OFAC Countries. Plus, they cannot have access to certain highly sensitive data such as the plans for F19 jet engines.
Using the Identity Classification machine learning model, Gurucul Identity Analytics applies dynamic provisioning to remove a user’s access to highly sensitive data such as F19 jet engine plans for employees in wage garnishment status.
Another example to illustrate the power of the Identity Classification comes from the healthcare realm. Using this powerful classification methodology, it’s possible to assign a diagnosis to a patient based on observed unique identity characteristics of the patient, such as sex, blood pressure, and the presence or absence of certain symptoms.
With Identity Classification, you can apply business rules and levels of controls for identities that fall into different buckets or classifications. As classifications change, the controls can be dynamically adjusted without human intervention. This enables you to prevent unauthorized access to highly sensitive information as well as to apply many forms of treatment or actions to users or their online accounts based on pattern recognition and sorting of your data into relevant buckets.
Identity Classification performance depends greatly on the characteristics of the data to be classified. No single classifier works best on all given problems.