Human-Machine Decision Support Systems for Insider Threat Detection
作者: Philip A. Legg
DOI: 10.1007/978-3-319-59439-2_2
关键词:
摘要: Insider threats are recognised to be quite possibly the most damaging attacks that an organisation could experience. Those on inside, who have privileged access and knowledge, already in a position of great responsibility for contributing towards security operations organisation. Should individual choose exploit this privilege, perhaps due disgruntlement or external coercion from competitor, then potential impact can extremely damaging. There many proposals using machine learning anomaly detection techniques as means automated decision-making about which insiders acting suspicious malicious manner, form large scale data analytics. However, it is well poses challenges, example, how do we capture accurate representation normality assess against, within dynamic ever-changing organisation? More recently, there has been interest visual analytics incorporated with machine-based approaches, alleviate challenges support human reasoning through interactive interfaces. Furthermore, by combining active learning, capability analysts impart their domain expert knowledge back system, so iteratively improve decisions based analyst preferences. With combined human-machine approach threats, system begin more accurately rationale decision process, reduce false positives flagged system. In work, I reflect insider threat detection, look systems offer solutions this.
uwe.ac.uk
springer.com
sci-hub.se 参考文章(48)
Thomas Bozek, Robert H. Anderson, Tom Longstaff, Wayne Meitzler, Michael Skroch, Research on Mitigating the Insider Threat to Information Systems - #2 RAND Corporation. ,(2000)
Oliver Buckley, Sadie Creese, Michael Goldsmith, Philip A. Legg, Visual analytics of e-mail sociolinguistics for user behavioural analysis Journal of Internet Services and Information Security. ,vol. 4, pp. 1- 13 ,(2014) , 10.22667/JISIS.2014.11.31.001
Philip A. Legg, Oliver Buckley, Michael Goldsmith, Sadie Creese, Automated Insider Threat Detection System Using User and Role-Based Profile Assessment IEEE Systems Journal. ,vol. 11, pp. 503- 512 ,(2017) , 10.1109/JSYST.2015.2438442
Philip A Legg, Nick Moffat, Jason RC Nurse, Jassim Happa, Ioannis Agrafiotis, Michael Goldsmith, Sadie Creese, None, Towards a conceptual model and reasoning structure for insider threat detection Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications. ,vol. 4, pp. 20- 37 ,(2013) , 10.22667/JOWUA.2013.12.31.020
J.F. Buford, G. Jakobson, L. Lewis, Insider threat detection using situation-aware MAS international conference on information fusion. pp. 1- 8 ,(2008)
Jerry S. Wiggins, The five-factor model of personality : theoretical perspectives Guilford Press. ,(1996)
Ioannis Agrafiotis, Jason RC Nurse, Oliver Buckley, Phil Legg, Sadie Creese, Michael Goldsmith, Identifying attack patterns for insider threat detection Computer Fraud & Security. ,vol. 2015, pp. 9- 17 ,(2015) , 10.1016/S1361-3723(15)30066-X
Philip A Legg, Oliver Buckley, Michael Goldsmith, Sadie Creese, None, Caught in the act of an insider attack: detection and assessment of insider threat ieee international conference on technologies for homeland security. pp. 1- 6 ,(2015) , 10.1109/THS.2015.7446229
Nebrase Elmrabit, Shuang-Hua Yang, Lili Yang, Insider threats in information security categories and approaches international conference on automation and computing. pp. 1- 6 ,(2015) , 10.1109/ICONAC.2015.7313979
Jason RC Nurse, Oliver Buckley, Philip A Legg, Michael Goldsmith, Sadie Creese, Gordon RT Wright, Monica Whitty, None, Understanding Insider Threat: A Framework for Characterising Attacks ieee symposium on security and privacy. pp. 214- 228 ,(2014) , 10.1109/SPW.2014.38