I need to create model which will find suspicious entries or anomalies in a network, whose characteristics or features are the asset_id, user_id, IP accessed from and time_stamp.
Which unsupervised anomaly detection algorithms or models should I use to solve this task?
If you are OK to use python, thy novelty-detection with sklearn:
https://scikit-learn.org/stable/modules/outlier_detection.html
Hierarchical Temporal Memory is a model well suited for anomaly detection. It is also pretty interesting and different from currently typical Deep Learning models.
