Role-based profile analysis for scalable and accurate insider-anomaly detection

Joon S. Park, Joseph Giordano

Research output: Chapter in Book/Entry/PoemConference contribution

28 Scopus citations

Abstract

Sensitive organizations such as the Intelligence Community (IC) have faced increasing challenges of insider threats because insiders are not always friends, but can be significant threats to the corporate assets. Statistically, it is accepted that the cost of insider threats exceeds that of outsider threats. Many security technologies have been invented to prevent threats from outsiders, but they have limited use in countering insiders' abnormal behaviors. Furthermore, individual-based monitoring mechanisms are not scalable for a large enterprise system. Therefore, in this paper, we introduce a scalable and accurate approach with the role-based profile analysis for countering insider threats, focusing on the relationship between insiders and their systems to detect anomalies. Also, we describe our simulation with synthetic data sets of baseline and threat scenarios.

Original languageEnglish (US)
Title of host publication25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006
Pages463-469
Number of pages7
DOIs
StatePublished - 2006
Event25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006 - Phoenix, AZ, United States
Duration: Apr 10 2006Apr 12 2006

Publication series

NameConference Proceedings of the IEEE International Performance, Computing, and Communications Conference
Volume2006

Other

Other25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006
Country/TerritoryUnited States
CityPhoenix, AZ
Period4/10/064/12/06

ASJC Scopus subject areas

  • General Engineering

Fingerprint

Dive into the research topics of 'Role-based profile analysis for scalable and accurate insider-anomaly detection'. Together they form a unique fingerprint.

Cite this