An insider threat prediction model
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
Detecting traffic snooping in tor using decoys
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
Feature: A secure data protection strategy
Network Security
Feature: Forensic investigation of cloud computing systems
Network Security
Ontology-based access control model for security policy reasoning in cloud computing
The Journal of Supercomputing
| Hi-index | 0.00 |
Insider attacks—that is, attacks by users with privileged knowledge about a system—are a growing problem for many organizations. To address this threat, the authors propose a design for insider threat detection that combines an array of complementary techniques that aims to detect evasive adversaries. The authors' work-in-progress combines host-based user event monitoring sensors with trap-based decoys and remote network detectors to track and correlate insider activity. They identify several challenges in scaling up, deploying, and validating this architecture in real environments.