Free Delivery Over $100
|
|
|||
|
||||
OverviewThe purpose of this research is to investigate, design and implement a statistical analysis-based insider threat detection product deployable to resource-disadvantaged systems and provide organizations with a method for baselining the network profiles and host activities unique to their operational environments. Our system design seeks to alert the system and its operators to invest greater monitoring resources against hosts who exhibit threat characteristics of insider activity and prevent such activities from inflicting harm on the system and/or causing an information-loss event for the organization. This system provides an initial starting point for future work, implementing one means of detecting insider threat activities; this implementation results in best- and worst-case detection rates of 74% and 68.2%, respectively, against our test data. We believe our framework provides a reasonable starting point for future work and improvement.This compilation includes a reproduction of the 2019 Worldwide Threat Assessment of the U.S. Intelligence Community.Significant effort and expense have been spent protecting information systems from external malicious threats, but relatively little has been done to evaluate the actions of legitimate users to prevent them from engaging in malicious or otherwise damaging activity. As seen in the recent DoD leaks by Edward Snowden, Bradley Manning, and Reality Winner, the insider threat possesses significant destructive potential against national security, international relations, and global commerce interests. While external threat protection systems, like antivirus software, are established to be viable threat prevention means and are ubiquitous on modern information technology (IT) systems, detection and prevention systems focused on insider threats and are far less common. Previous work to improve insider threat detection and prevention includes efforts to apply existing frameworks and techniques to malicious activity detection, but they are disparate in their methods of classifying and assigning threat potential to the various user activity indicators. These differing means of describing malicious indicators and responding to threats are also often not applicable to the DoD due to the restrictions imposed by network authorization/validation processes and concerns unique to national security systems. We seek to alleviate this issue by producing a systems-agnostic solution capable of detecting insider activity within any organization's network without the need for integration or communications with any other external system. Full Product DetailsAuthor: U S Military , Department of Defense (Dod) , Scott E FindleyPublisher: Independently Published Imprint: Independently Published Dimensions: Width: 21.60cm , Height: 0.60cm , Length: 28.00cm Weight: 0.272kg ISBN: 9781688414396ISBN 10: 1688414398 Pages: 110 Publication Date: 24 August 2019 Audience: General/trade , General Format: Paperback Publisher's Status: Active Availability: In stock  We have confirmation that this item is in stock with the supplier. It will be ordered in for you and dispatched immediately. Table of ContentsReviewsAuthor InformationTab Content 6Author Website:Countries AvailableAll regions |
||||
