Applying role based access control and genetic algorithms to insider threat detection

Authors:
Ning Hu;Phillip G. Bradford;Jun Liu
Affiliations:
The University of Alabama, Tuscaloosa, Alabama;The University of Alabama, Tuscaloosa, Alabama;The University of Alabama, Tuscaloosa, Alabama
Venue:
Proceedings of the 44th annual Southeast regional conference
Year:
2006

Citing 2
Cited 3

The NIST model for role-based access control: towards a unified standard

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Towards Proactive Computer-System Forensics

ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2

We have met the enemy and he is us

Proceedings of the 2008 workshop on New security paradigms
Insiders behaving badly: addressing bad actors and their actions

IEEE Transactions on Information Forensics and Security
Role-based differentiation for insider detection algorithms

Proceedings of the 2010 ACM workshop on Insider threats

Quantified Score

Hi-index	0.03

Visualization

Abstract

An insider threat is caused by authorized users potentially performing unsanctioned or inappropriate actions that endanger the computer security of an organization. This paper describes a novel approach that employs the ideas of Role-Based Access Control (RBAC) to initiate role-action mapping rules in line with organization specific security policies. These rules can be refined by genetic algorithms (GAs) to identify discrepancies between user roles and processes.