Real Time Detection Framework of Insider Threat Based Agent
نویسندگان
چکیده
منابع مشابه
Toward an Insider Threat Detection Framework Using Honey Permissions
The insider threat remains one of the most serious challenges to computer security. An insider attack occurs when an authorized user misuses his privileges and causes damages to the organization. Deception techniques have served as a common solution to insider threat detection, and several techniques, such as approaches based on honey entities, have been proposed. On the other hand, access cont...
متن کاملReal-Time Detection of Threat
Government agencies, personnel security professionals, and our military services are faced with new challenges to rapidly assess the credibility of statements made by individuals in airports, border crossings, secured facilities, and a variety of environments not conducive to prolonged interviews. The changing environment has become more global and threats lie not just in the securing of an env...
متن کاملContext-Aware Insider Threat Detection
We are researching ways to detect insider threats in computer usage data crossing multiple modalities – e.g., resources and devices used, network and communication patterns – and where signals of possible threat are highly contextual – e.g., detectable only after inferring user roles, peer groups, collaborators and personal history. The contexts are also dynamic – reflecting a user’s rapid shif...
متن کاملInsider Threat Detection in PRODIGAL
This paper reports on insider threat detection research, during which a prototype system (PRODIGAL) was developed and operated as a testbed for exploring a range of detection and analysis methods. The data and test environment, system components, and the core method of unsupervised detection of insider threat leads are presented to document this work and benefit others working in the insider th...
متن کاملAn Insider Threat Detection Method Based on Business Process Mining
Currentintrusiondetectionsystemsaremostlyfordetectingexternalattacks,butthe“PrismDoor”and othersimilareventsindicatethatinternalstaffmaybringgreaterharmtoorganizationsininformation security.Traditional insider threatdetectionmethodsonlyconsider theaudit recordsofpersonal behaviorandfailedtocombineitwithbusinessactivities,whichmaymisstheins...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: DEStech Transactions on Computer Science and Engineering
سال: 2018
ISSN: 2475-8841
DOI: 10.12783/dtcse/cmee2017/20071