Definitions[]
Anomalous activity is
| “ | [i]rregular or unusual deviations from what is usual, normal, or expected; activity inconsistent with the expected norm. | ” |
| “ | network activities that are inconsistent with the expected norms that may suggest FIE [Foreign Intelligence Entity] exploitation of cyber vulnerabilities or prior knowledge of U.S. national security information, processes, or capabilities.[1] | ” |
| “ | [a]ctivity that deviates from normal. The result of the process of comparing definitions of what activity is considered normal against observed events to identify significant deviations.[2] | ” |
References[]
- ↑ DoD Instruction S-5240.23.
- ↑ FFIEC, IT Examination Handbook Infobase, Glossary (full-text).