Title :
Role-based profile analysis for scalable and accurate insider-anomaly detection
Author :
Park, Joon S. ; Giordano, Joseph
Author_Institution :
Sch. of Inf. Studies, Syracuse Univ., NY
Abstract :
Sensitive organizations such as the intelligence community (IC) have faced increasing challenges of insider threats because insiders are not always friends, but can be significant threats to the corporate assets. Statistically, it is accepted that the cost of insider threats exceeds that of outsider threats. Many security technologies have been invented to prevent threats from outsiders, but they have limited use in countering insiders´ abnormal behaviors. Furthermore, individual-based monitoring mechanisms are not scalable for a large enterprise system. Therefore, in this paper, we introduce a scalable and accurate approach with the role-based profile analysis for countering insider threats, focusing on the relationship between insiders and their systems to detect anomalies. Also, we describe our simulation with synthetic data sets of baseline and threat scenarios
Keywords :
monitoring; security of data; telecommunication security; accurate approach; individual-based monitoring mechanism; role-based profile analysis; scalable anomaly detection; security technology; Access control; Computer crime; Costs; Face detection; Information analysis; Information security; Intrusion detection; Laboratories; Monitoring; Permission;
Conference_Titel :
Performance, Computing, and Communications Conference, 2006. IPCCC 2006. 25th IEEE International
Conference_Location :
Phoenix, AZ
Print_ISBN :
1-4244-0198-4
DOI :
10.1109/.2006.1629440