Insider-threat detection using Gaussian Mixture Models and Sensitivity Profiles
نویسندگان
چکیده
منابع مشابه
Weak Models for Insider Threat Detection
This paper describes the design for a content-based approach to detecting insider misuse by an analyst producing reports in an environment supported by a document control system. The approach makes use of Hidden Markov Models to represent stages in the Evidence-Based Intelligence Analysis Process Model (EBIAPM). This approach is seen as a potential application for the Process Query System / Tra...
متن کاملContext-Aware Insider Threat Detection
We are researching ways to detect insider threats in computer usage data crossing multiple modalities – e.g., resources and devices used, network and communication patterns – and where signals of possible threat are highly contextual – e.g., detectable only after inferring user roles, peer groups, collaborators and personal history. The contexts are also dynamic – reflecting a user’s rapid shif...
متن کاملInsider Threat Detection in PRODIGAL
This paper reports on insider threat detection research, during which a prototype system (PRODIGAL) was developed and operated as a testbed for exploring a range of detection and analysis methods. The data and test environment, system components, and the core method of unsupervised detection of insider threat leads are presented to document this work and benefit others working in the insider th...
متن کاملSpeech Enhancement Using Gaussian Mixture Models, Explicit Bayesian Estimation and Wiener Filtering
Gaussian Mixture Models (GMMs) of power spectral densities of speech and noise are used with explicit Bayesian estimations in Wiener filtering of noisy speech. No assumption is made on the nature or stationarity of the noise. No voice activity detection (VAD) or any other means is employed to estimate the input SNR. The GMM mean vectors are used to form sets of over-determined system of equatio...
متن کاملNetwork Anomaly Detection using Fuzzy Gaussian Mixture Models
Fuzzy Gaussian mixture modeling method is proposed in this paper for network anomaly detection. A mixture of Gaussian distributions was used to represent the network data in multi-dimensional feature space. Gaussian parameters were estimated using fuzzy c-means estimation. The method was tested with the KDD Cup data set. Experimental results have shown that the proposed method is more effective...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Computers & Security
سال: 2018
ISSN: 0167-4048
DOI: 10.1016/j.cose.2018.03.006