Visible to the public An Active Defense Model and Framework of Insider Threats Detection and Sense

TitleAn Active Defense Model and Framework of Insider Threats Detection and Sense
Publication TypeConference Paper
Year of Publication2009
AuthorsZhang, H., Ma, J., Wang, Y., Pei, Q.
Conference Name2009 Fifth International Conference on Information Assurance and Security
Keywordsactive defense model, computer networks, computer science education, computer security, detection, Electronic equipment, Fellows, hierarchy-mapping based insider threats model, Human Behavior, Information security, Information systems, insider threat, insider threat sense, insider threats detection, Metrics, Model, Monitoring, policy-based governance, pubcrawl, resilience, Resiliency, security of data, SEnSE, Systems engineering and theory, Systems engineering education
AbstractInsider attacks is a well-known problem acknowledged as a threat as early as 1980s. The threat is attributed to legitimate users who take advantage of familiarity with the computational environment and abuse their privileges, can easily cause significant damage or losses. In this paper, we present an active defense model and framework of insider threat detection and sense. Firstly, we describe the hierarchical framework which deal with insider threat from several aspects, and subsequently, show a hierarchy-mapping based insider threats model, the kernel of the threats detection, sense and prediction. The experiments show that the model and framework could sense the insider threat in real-time effectively.
Citation Keyzhang_active_2009