Anomaly detection of user's activity in a journal of Windows security events with application of machine learning algorithms

The article is devoted to the detection of anomalies in the security event logs. Several characteristic coordinate spaces are considered. The article considers four algorithms of machine learning as a tool for detecting suspicious actions of system users. Proposed sequence of steps to achieve this goal.