Title :
Layered behavioral trace modeling for threat detection
Author :
Mappus, Rudolph L. ; Briscoe, Erica
Author_Institution :
Georgia Tech Res. Inst., Atlanta, GA, USA
Abstract :
A fundamental problem in detecting threats to security by monitoring computer usage is the high number of false positives that are created when analyzing a large data set for anomalous behavior. We address the problem by modeling user behavior at multiple scales so as to allow for the identification of potential insider threats from users' logged activity by tracking users' activity over time. In this work, we apply a novel method for representing user activity at multiple temporal scales to a dataset that contains malicious behavior. We report our detection results and discuss how a layered detection method may be advantageous for the discovery of specific types of malicious behavior.
Keywords :
security of data; anomalous behavior; computer usage monitoring; layered behavioral trace modeling; malicious behavior; multiple temporal scales; threat detection; Tracking;
Conference_Title :
Intelligence and Security Informatics (ISI), 2013 IEEE International Conference on
Conference_Location :
Seattle, WA
Print_ISBN :
978-1-4673-6214-6
DOI :
10.1109/ISI.2013.6578813