November 2019
Intermediate to advanced
346 pages
9h 36m
English
Having completed the feature-engineering phase in the previous recipe, we went ahead and created a model. In Step 1, we listed all threat actors in preparation for the next steps. In Step 2, we created an indexing for the dates, so that 0 corresponded to the starting date, 1 to the next day, and so on. In the subsequent Steps 3 and 5, we defined functions to read in the whole dataset time series, filter it down to individual users, and then vectorize the time series for each user. We went ahead and vectorized the dataset (Step 6) and then train-test split it (Step 7). We reshaped the data in Step 8 in order to be able to feed it into the isolation forest classifier. We split the data further into benign and threat subsets ( ...