Home Author Index Search Volume 1 May 2009 ISSN 1797-9617

International Journal of

Recent Trends in Engineering

Home > Vol. 1, No. 2

 

International Journal of Recent Trends in Engineering (IJRTE)

ISSN 1797-9617

Volume 1, Number 2, May 2009

Issue on Computer Science

Page(s): 261-266

Behavior-Anomaly-Based System for Detecting Insider Attacks and Data Mining

Vijaya Bhaskar Velpula, Dayanandam Gudipudi

Full text: PDF

Abstract

Early detection of employees' improper access to sensitive or valuable data is critical to limiting negative financial impacts to an organization, including regulatory penalties for misuse of customer data that results from these insider attacks. This paper focuses primarily on the techniques for detecting insider attacks, but also discusses the processes required to implement a solution. In particular, we describe a behavior-anomaly-based system for detecting insider attacks. The system uses peer-group profiling, composite feature modeling, and real-time statistical data mining. The analytical models are refined and used to update the real-time monitoring process. Finally, we describe an implementation of this detection approach in the form of the IBM Identity Risk and Investigation Solution (IRIS).

Index Terms

Masquerader, Insider Attack, Micro Broker, RFID, Operational data source

Published by Academy Publisher in cooperation with the ACEEE

@ Copyright 2009 ACADEMY PUBLISHER All rights reserved