Validating an Insider Threat Detection System: A Real Scenario Perspective

Authors: Ioannis Agrafiotis, Arnau Erola, Jassim Happa, Michael Goldsmith, Sadie Creese

DOI: 10.1109/SPW.2016.36

Abstract: There exists unequivocal evidence denoting the dire consequences which organisations and governmental institutions face from insider threats. While the in-depth knowledge of the modus operandi that insiders possess provides ground for more sophisticated attacks, organisations are ill-equipped to detect and prevent these from happening. The research community has provided various models and detection systems to address the problem, but the lack of real data due to privacy and ethical issues remains a significant obstacle to validating and designing effective and scalable systems. In this paper, we present the results and our experiences from applying our system into a multinational organisation, the approach followed to abide with these considerations and the lessons learnt on how the validation process refined in terms of effectiveness and scalability.

References (25)
Philip A. Legg, Oliver Buckley, Michael Goldsmith, Sadie Creese, Automated Insider Threat Detection System Using User and Role-Based Profile Assessment. IEEE Systems Journal, vol. 11, pp. 503-512 (2017), 10.1109/JSYST.2015.2438442
Philip A Legg, Nick Moffat, Jason RC Nurse, Jassim Happa, Ioannis Agrafiotis, Michael Goldsmith, Sadie Creese, Towards a conceptual model and reasoning structure for insider threat detection. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, vol. 4, pp. 20-37 (2013), 10.22667/JOWUA.2013.12.31.020
Ioannis Agrafiotis, Oliver Buckley, Sadie Creese, Michael Goldsmith, Phil Legg, Jason Nurse, Monica Whitty, A Critical Reflection on the Threat from Human Insiders: Its Nature, Industry Perceptions, and Detection Approaches. International Conference on Human-Computer Interaction, pp. 270-281 (2014), 10.1007/978-3-319-07620-1_24
Ioannis Agrafiotis, Jason RC Nurse, Oliver Buckley, Phil Legg, Sadie Creese, Michael Goldsmith, Identifying attack patterns for insider threat detection. Computer Fraud & Security, vol. 2015, pp. 9-17 (2015), 10.1016/S1361-3723(15)30066-X
Christian W. Probst, Jeffrey Hunker, Insiders and Insider Threats: An Overview of Definitions and Mitigation Techniques. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, vol. 2, pp. 4-27 (2011)
G.B Magklaras, S.M Furnell, Events: Insider Threat Prediction Tool: Evaluating the probability of IT misuse. Computers & Security, vol. 21, pp. 62-73 (2001), 10.1016/S0167-4048(02)00109-8
Jason RC Nurse, Oliver Buckley, Philip A Legg, Michael Goldsmith, Sadie Creese, Gordon RT Wright, Monica Whitty, Understanding Insider Threat: A Framework for Characterising Attacks. IEEE Symposium on Security and Privacy, pp. 214-228 (2014), 10.1109/SPW.2014.38
Pallabi Parveen, Bhavani Thuraisingham, Unsupervised incremental sequence learning for insider threat detection. Intelligence and Security Informatics, pp. 141-143 (2012), 10.1109/ISI.2012.6284271
Ted E. Senator, Henry G. Goldberg, Alex Memory, William T. Young, Brad Rees, Robert Pierce, Daniel Huang, Matthew Reardon, David A. Bader, Edmond Chow, Irfan Essa, Joshua Jones, Vinay Bettadapura, Duen Horng Chau, Oded Green, Oguz Kaya, Anita Zakrzewska, Erica Briscoe, Rudolph IV L. Mappus, Robert McColl, Lora Weiss, Thomas G. Dietterich, Alan Fern, Weng-Keen Wong, Shubhomoy Das, Andrew Emmott, Jed Irvine, Jay-Yoon Lee, Danai Koutra, Christos Faloutsos, Daniel Corkill, Lisa Friedland, Amanda Gentzel, David Jensen, Detecting insider threats in a real corporate database of computer usage activity. Knowledge Discovery and Data Mining, pp. 1393-1401 (2013), 10.1145/2487575.2488213
Kuheli Roy Sarkar, Assessing insider threats to information security using technical, behavioural and organisational measures. Information Security Technical Report, vol. 15, pp. 112-133 (2010), 10.1016/J.ISTR.2010.11.002