Anomaly Detection in Corporate IT Infrastructure Using Spiking Neural Networks with Temporal Encoding
Abstract
Anomaly detection in corporate IT infrastructure is critical for identifying threats such as intrusions, insider misuse, and policy violations. Spiking Neural Networks (SNNs), inspired by biological neurons, offer a promising solution due to their event-driven nature and temporal sensitivity. Traditional machine learning models often struggle with real-time detection and generate high false positive rates, primarily due to their dependence on dense, continuous data processing and limited temporal awareness. This paper proposes an Event-Driven Spiking Neural Network (ED-SNN) framework utilizing Temporal Spike-Timing Encoding to address these challenges. In this method, system events, such as login activities, data transfers, and process executions, are encoded into spike trains, where temporal patterns carry meaningful context. The ED-SNN leverages these encoded patterns to distinguish between normal and abnormal behaviors efficiently. The proposed method is applied for real-time insider threat detection, where anomalies in access patterns and operation sequences are identified with high precision. Experimental results on simulated corporate IT datasets demonstrate that the ED-SNN framework significantly reduces false positives and improves detection latency compared to conventional models. The framework also proves to be computationally efficient and suitable for deployment in real-time monitoring systems.
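The following is an added illustration, not the paper's ED-SNN implementation: it shows how the same sequence of system events can be encoded as spike times and fed to a single event-driven leaky integrate-and-fire neuron, so that only a tightly timed burst produces an output spike. The weights, time constant, threshold, function names and sample events are all assumptions constructed for this example.

```python
import math
from collections import defaultdict

# Assumed parameters for illustration only (none are taken from the paper).
WEIGHTS = {"login": 0.3, "data_transfer": 0.4, "process_exec": 0.3}
TAU = 30.0        # membrane time constant in seconds
THRESHOLD = 1.0   # membrane potential at which the neuron fires

def encode(events):
    """Encode (timestamp, user, event_type) records as per-user spike trains:
    time-sorted lists of (spike_time, input_channel)."""
    trains = defaultdict(list)
    for t, user, etype in events:
        if etype in WEIGHTS:          # event types without a channel are dropped
            trains[user].append((t, etype))
    for train in trains.values():
        train.sort()
    return trains

def lif_output_spikes(train):
    """Event-driven leaky integrate-and-fire neuron: state is updated only when
    an input spike arrives, decaying exponentially over the gap since the last one."""
    v, last_t, out = 0.0, None, []
    for t, channel in train:
        if last_t is not None:
            v *= math.exp(-(t - last_t) / TAU)
        v += WEIGHTS[channel]
        last_t = t
        if v >= THRESHOLD:            # output spike marks a temporal anomaly
            out.append(t)
            v = 0.0                   # reset after firing
    return out

def detect(events):
    """Return {user: [anomaly_times]} for users whose neuron fired at least once."""
    result = {}
    for user, train in encode(events).items():
        spikes = lif_output_spikes(train)
        if spikes:
            result[user] = spikes
    return result

# Constructed sample: both users generate the same events, only the timing differs.
SAMPLE = [(t, "alice", e) for t, e in zip((0.0, 300.0, 600.0, 900.0, 1200.0),
          ("login",) + ("data_transfer",) * 4)]
SAMPLE += [(t, "bob", e) for t, e in zip((0.0, 2.0, 4.0, 6.0, 8.0),
           ("login",) + ("data_transfer",) * 4)]

if __name__ == "__main__":
    print(detect(SAMPLE))
```

A count-based rule over the same window would treat both users identically; the spike-timing view separates them because the membrane potential leaks away between widely spaced events.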