Insider Cyber Threat Situational Awareness Framwork using Dynamic Bayesian Networks
Insider cyber threat is a serious problem in resent years. Many traditional methods such as intrusion detection system and prevention system can not effectively deal with insider attack problems because they lack of dynamic inference capability to acquire and understand cyber situational awareness. This paper presented a framework model based on DBN to capture the dynamic user behavior and establish and improve inference ability. This model has used transition relationship of DBN and HMM and its better performance inference algorithm to infer next activity. Those performances are verified and compared by the experiments in the end.
insider threat DBN HMM situational awareness inference
Ke Tang Ming-Tian Zhou Wen-Yong Wang
School of Computer Science and Engineering University of Electronic Science and Technology of China Chengdu, China
国际会议
第四届国际计算机新科技与教育学术会议(2009 4th International Conference on Computer Science & Education)
南京
英文
1146-1150
2009-07-25(万方平台首次上网日期,不代表论文的发表时间)