An Active Defense Model and Framework of Insider Threats Detection and Sense
Insider attacks is a well-known problem acknowledged as a threat as early as 1980s. The threat is attributed to legitimate users who take advantage of familiarity with the computational environment and abuse their privileges, can easily cause significant damage or losses. In this paper, we present an active defense model and framework of insider threat detection and sense. Firstly, we describe the hierarchical framework which deal with insider threat from several aspects, and subsequently, show a hierarchy-mapping based insider threats model, the kernel of the threats detection, sense and prediction. The experiments show that the model and framework could sense the insider threat in real-time effectively.
insider threat detection sense model
Hongbin Zhang Jianfeng Ma Yinchuan Wang Qingqi Pei
Ministry of Education KeyLab.of Computer Network and Information Security,Xidian Univ.,Xian 710071, Ministry of Education KeyLab.of Computer Network and Information Security,Xidian Univ.,Xian 710071, The Research Institute,China Electronic Equipment & Systems Engineering Corporation,Beijing 100141,C Ministry of Education KeyLab.of Computer Network and Information Security,Xidian Univ.,Xian 710071,
国际会议
The Fifth International Conference on Information Assurance and Security(第五届信息保障与安全国际会议)
西安
英文
258-261
2009-08-18(万方平台首次上网日期,不代表论文的发表时间)