Study on user’s identification system in insider threats

PEI Qing-qi1; ZHAO Peng2; ZHANG Hong-bin3; WANG Chao2; YIN Hao1

Tongxin xuebao (Jan 2009)

Study on user’s identification system in insider threats

PEI Qing-qi1,
ZHAO Peng2,
ZHANG Hong-bin3,
WANG Chao2,
YIN Hao1

Affiliations

PEI Qing-qi1
ZHAO Peng2
ZHANG Hong-bin3
WANG Chao2
YIN Hao1

Journal volume & issue: Vol. 30
pp. 121 – 126

Abstract

Read online

Monitoring user’s abnormal behaviors, which is an effective method to detect impersonation, is used for im-personation detection in insider threats.A model is built by using TAN-based Bayesian network to reflect the characteris-tics of user’s behavior.When the deviation from the model is found, the system can determine the identity of the user.As a result, experiments show that the monitoring numbers of processes called by users can be very effective on detecting impersonation and can identify the identity of the attacker.

insider threat;identification;Bayesian network;extended tree augment naive bayesian

Published in Tongxin xuebao

ISSN: 1000-436X (Print)
Publisher: Editorial Department of Journal on Communications
Country of publisher: China
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Telecommunication
Website: http://www.infocomm-journal.com/txxb/EN/1000-436X/home.shtml

About the journal

Abstract

Keywords