Image-based Insider Threat Detection via Geometric Transformation [article]

Dongyang Li, Lin Yang, Hongguang Zhang, Xiaolei Wang, Linru Ma, Junchao Xiao
2021 arXiv   pre-print
Insider threat detection has been a challenging task over decades, existing approaches generally employ the traditional generative unsupervised learning methods to produce normal user behavior model and  ...  To illustrate, our IGT uses a novel image-based feature representation of user behavior by transforming audit logs into grayscale images.  ...  Since malicious behavior is widely varying, it is impractical to explicitly characterize insider threat.  ... 
arXiv:2108.10567v1 fatcat:w2lxxy4wxbhmrgmh5ahdv2g5ei

Image-Based Insider Threat Detection via Geometric Transformation

Dongyang Li, Lin Yang, Hongguang Zhang, Xiaolei Wang, Linru Ma, Junchao Xiao, Abdallah Meraoumia
2021 Security and Communication Networks  
Insider threat detection has been a challenging task over decades; existing approaches generally employ the traditional generative unsupervised learning methods to produce normal user behavior model and  ...  To illustrate, our IGT uses a novel image-based feature representation of user behavior by transforming audit logs into grayscale images.  ...  Since malicious behavior is widely varying, it is impractical to explicitly characterize insider threat.  ... 
doi:10.1155/2021/1777536 fatcat:ocd5vx2b7bfjligjgq6ggscope

Insider threats and Insider Intrusion Detection

2019 International journal of recent technology and engineering  
This survey paper narrates insider threats and their detection types and methods.  ...  Insider threats are emerging nowadays, it is important to identify these threats as they are generating critical problems to the system.  ...  insider threats, in which users' normal behavior is plotted as bipartite graph.  ... 
doi:10.35940/ijrte.b1033.0782s519 fatcat:unx2kk3asvcc3j5x4y46wsbgq4

Insider Threat: Enhancing BPM through Social Media

Dimitris Gritzalis, Vasilis Stavrou, Miltiadis Kandias, George Stergiopoulos
2014 2014 6th International Conference on New Technologies, Mobility and Security (NTMS)  
It exams the online behavior of users and pinpoints potential insiders with critical roles in the organization's processes.  ...  Yet, even in light of modelling's widespread success, one can argue that it lacks built-in security mechanisms able to detect and fight threats that may manifest throughout the process.  ...  behavior so as to detect potentially malevolent users.  ... 
doi:10.1109/ntms.2014.6814027 dblp:conf/ntms/GritzalisSKS14 fatcat:ehl7hqetojendk55f3paes5vvm

Design of an Ensemble Learning Behavior Anomaly Detection Framework

Abdoulaye Diop, Nahid Emad, Thierry Winter, Mohamed Hilia
2019 Zenodo  
In several fields, behavior anomaly detection is the method used by cyber specialists to counter the threats of user malicious activities effectively.  ...  In this paper, we present the step toward the construction of a user and entity behavior analysis framework by proposing a behavior anomaly detection model.  ...  According to Gartner [13], existing insider threat detection tools already rely on different models to detect anomalous behavior.  ... 
doi:10.5281/zenodo.3566298 fatcat:man7qwdaynhsdnfc2rvzqrdkbi

Stopping the Insider at the Gates: Protecting Organizational Assets through Graph Mining

Pablo Moriano, Jared Pendleton, Steven Rich, L. Jean Camp
2018 Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications  
Measures of volumes of access, detailed background checks, and statistical characterizations of employee behaviors are all commonly used to mitigate the insider threat.  ...  This graph mining method has potential for early detection of insider threat behavior from user-system interactions, which could enable quicker mitigation.  ...  Characterization of insider threats Much of the research on insider threats have been on the characterization of insiders.  ... 
doi:10.22667/jowua.2018.03.31.004 dblp:journals/jowua/MorianoPRC18 fatcat:ujna7aux5rgill2ynfjta75g5y

Detecting insider threat within institutions using CERT dataset and different ML techniques

Mohammed Dosh
2021 Periodicals of Engineering and Natural Sciences (PEN)  
In this research, CERT dataset that produced by the University of Carnegie Mellon University has been used in this investigation to detect insider threat. The dataset has been preprocessed.  ...  The difficulty in detecting this type of threat is due to the difficulty of analyzing the behavior of people within the organization according to their physiological characteristics.  ...  . real-time learning methods have used to distinguish the conditions for unusual user behaviors.  ... 
doi:10.21533/pen.v9i2.1911 fatcat:u5mp6irwanhu3lxkywk4t7gphe

Detecting insider threat within institutions using CERT dataset and different ML techniques

Mohammed Dosh
2021 Zenodo  
In this research, CERT dataset that produced by the University of Carnegie Mellon University has been used in this investigation to detect insider threat. The dataset has been preprocessed.  ...  The difficulty in detecting this type of threat is due to the difficulty of analyzing the behavior of people within the organization according to their physiological characteristics.  ...  Various algorithms were used to detect anomalies, including hidden Markov models and Gaussian mix models, in a group on user activity log data to identify insider threat indicators [44].  ... 
doi:10.5281/zenodo.4683307 fatcat:n2klrprjr5hjbllxpi4wjs52ti

Guest editorial: A brief overview of data leakage and insider threats

Carly L. Huth, David W. Chadwick, William R. Claycomb, Ilsun You
2013 Information Systems Frontiers  
Introduction The challenges of preventing, detecting, and responding to data leakage propagated by authorized users, or insider threats, are among the most difficult facing security researchers and professionals  ...  Defining and characterizing insider threats One of the most important elements in any field of research is the common vernacular researchers use to describe problems and solutions.  ... 
doi:10.1007/s10796-013-9419-8 fatcat:76hdgv5l7jevpbbimcibxkh6em

Business Process Modeling for Insider Threat Monitoring and Handling [chapter]

Vasilis Stavrou, Miltiadis Kandias, Georgios Karoulas, Dimitris Gritzalis
2014 Lecture Notes in Computer Science  
This approach enhances business process monitoring tools with information evaluated from Social Media by examining the online behavior of users and pinpoints potential insiders with critical roles in the  ...  Also, this approach highlights the threat introduced in the processes operated by such users.  ...  ' behavior to detect potentially malevolent users.  ... 
doi:10.1007/978-3-319-09770-1_11 fatcat:fgm3345g4rewdhgpht2zvkga7m

Guest Editorial: Managing Insider Security Threats

Igor V. Kotenko
2018 Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications  
The issue focuses on problems related to security and cryptography technologies to prevent, detect and predict insider threats.  ...  Insiders pose a great threat to any organization and enterprise.  ...  The Wolf Of SUTD (TWOS): A Dataset of Malicious Insider Threat Behavior Based on a Gamified Competition, presents a dataset of insider threat behavior which is generated based Journal of Wireless Mobile  ... 
doi:10.22667/jowua.2018.03.31.001 dblp:journals/jowua/Kotenko18 fatcat:fwm2kjrpuzclxpjgy4eidefkwi

A Review of Insider Threat Detection: Classification, Machine Learning Techniques, Datasets, Open Challenges, and Recommendations

Mohammed Nasser Al-Mhiqani, Rabiah Ahmad, Z. Zainal Abidin, Warusia Yassin, Aslinda Hassan, Karrar Hameed Abdulkareem, Nabeel Salih Ali, Zahri Yunos
2020 Applied Sciences  
of notable recent works on insider threat detection, which covers the analyzed behaviors, machine-learning techniques, dataset, detection methodology, and evaluation metrics.  ...  Several studies on insider threat detection and related areas in dealing with this issue have been proposed. Various studies aimed to deepen the conceptual understanding of insider threats.  ...  The previous sections indicate that the majority of previous studies have highlighted the monitoring and analysis of user activities to detect insider threats using cyber behaviors.  ... 
doi:10.3390/app10155208 fatcat:xcgn37pohnaqlipqrhvwfrkgee

ADSAGE: Anomaly Detection in Sequences of Attributed Graph Edges applied to insider threat detection at fine-grained level [article]

Mathieu Garchery, Michael Granitzer
2020 arXiv   pre-print
Previous works on the CERT insider threat detection case have neglected graph and text features despite their relevance to describe user behavior.  ...  We describe how ADSAGE can be used for fine-grained, event level insider threat detection in different audit logs from the CERT use case.  ...  Anomaly detection at event level We address the CERT insider threat use case through an anomaly detection perspective, i.e. we aim at modeling normal user behavior to detect deviations from this norm.  ... 
arXiv:2007.06985v1 fatcat:vtvmfrx2andzbhhglouie3t6i4

Deep Learning for Insider Threat Detection: Review, Challenges and Opportunities [article]

Shuhan Yuan, Xintao Wu
2020 arXiv   pre-print
In this brief survey, we first introduce one commonly-used dataset for insider threat detection and review the recent literature about deep learning for such research.  ...  on feature engineering, are hard to accurately capture the behavior difference between insiders and normal users due to various challenges related to the characteristics of underlying data, such as high-dimensionality  ...  Although existing approaches demonstrate good performance on insider threat detection, the traditional shallow machine learning models are unable to make full use of the user behavior data due to their  ... 
arXiv:2005.12433v1 fatcat:bmmog7g47vfmpmzdvd4tqd5v7u

Insiders and Insider Threats - An Overview of Definitions and Mitigation Techniques

Jeffrey Hunker, Christian W. Probst
2011 Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications  
Tackling insider threats requires a combination of techniques from the technical, the sociological, and the socio-technical domain, to enable qualified detection of threats, and their mitigation.  ...  Especially in the US, there has been substantial research to better understand insider threats and develop more effective approaches.  ...  The Detection of Threat Behavior project [57] uses a data mining application and a Bayesian network to detect aberrant document access patterns. Aleman-Meza et al.  ... 
doi:10.22667/jowua.2011.03.31.004 dblp:journals/jowua/HunkerP11 fatcat:5iwopvcufndzrltdbub5a32lye