Detecting Abnormal Authentication Delays in Identity and Access Management using Machine Learning

Authentication delay is an important metric for measuring the performance and responsiveness of Identity and Access Management (IAM) systems. A sudden increase in authentication delay can indicate several problems, such as performance degradation, denial-of-service attacks, or compromised accounts. This paper proposes an adaptative approach for anomaly detection in authentication delay for IAM systems. The proposed approach combines the cumulative sum (CUSUM) algorithm, a statistical method for detecting changes in the mean of a time series, with a Machine Learning (ML) classifier model. The CUSUM algorithm is used to identify potential change points in the authentication delay data and to drive labeled training data. The ML classifier model is updated using the derived data set for real-time data classification. The proposed approach is adaptive, meaning that it can automatically adjust to changes in the underlying authentication delay distribution. Our experimental results showed that our approach improves the detection accuracy in real-time deployment scenarios.