Role-based profile analysis for scalable and accurate insider-anomaly detection

Sensitive organizations such as the intelligence community (IC) have faced increasing challenges of insider threats because insiders are not always friends, but can be significant threats to the corporate assets. Statistically, it is accepted that the cost of insider threats exceeds that of outsider...

Full description

Saved in:
Bibliographic Details
Published in2006 IEEE International Performance Computing and Communications Conference pp. 7 pp. - 470
Main Authors Park, J.S., Giordano, J.
Format Conference Proceeding
LanguageEnglish
Published IEEE 2006
Subjects
Access control
Computer crime
Costs
Face detection
Information analysis
Information security
Intrusion detection
Laboratories
Monitoring
Permission
Online AccessGet full text
ISBN1424401984
9781424401987
ISSN1097-2641
DOI10.1109/.2006.1629440

Cover

More Information
Summary:Sensitive organizations such as the intelligence community (IC) have faced increasing challenges of insider threats because insiders are not always friends, but can be significant threats to the corporate assets. Statistically, it is accepted that the cost of insider threats exceeds that of outsider threats. Many security technologies have been invented to prevent threats from outsiders, but they have limited use in countering insiders' abnormal behaviors. Furthermore, individual-based monitoring mechanisms are not scalable for a large enterprise system. Therefore, in this paper, we introduce a scalable and accurate approach with the role-based profile analysis for countering insider threats, focusing on the relationship between insiders and their systems to detect anomalies. Also, we describe our simulation with synthetic data sets of baseline and threat scenarios
ISBN:1424401984
9781424401987
ISSN:1097-2641
DOI:10.1109/.2006.1629440