Accumulating evidence of insider attacks

CEUR Workshop Proceedings

Volumn 469, Issue , 2009, Pages 34-50

  Chivers, Howard ^a   Nobles, Philip ^a   Shaikh, Siraj A ^a   Clark, John A ^b   Chen, Hao ^b  

^a CRANFIELD UNIVERSITY   (United Kingdom)

^b UNIVERSITY OF YORK   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

BAYESIAN STATISTICS; INSIDER ATTACK; LARGE VOLUMES; MULTIPLE SOURCE; SCALABLE SOLUTION; WORKED EXAMPLES;

SECURITY SYSTEMS;

ESTIMATION;

EID: 84883337388     PISSN: 16130073     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (14)

1. CERT incident note IN-98-05: Probes with spoofed IP addresses, 24 November 1998.
2. Rebecca Bace and Peter Mell. Intrusion detection systems (IDS). Technical Report SP 800-31, National Institute of Standards and Technology (NIST), 2001 2001.
3. Richard C. Brackney and Robert H. Anderson. Understanding the insider threat. Technical Report Proceedings of March 2004 Workshop, RAND National Security Research Division, 2004.
4. Phillip G. Bradford, Marcus Brown, Josh Perdue, and Bonnie Self. Towards proactive computer-system forensics. In International Conference on Information Technology: Coding and Computing (ITCC 2004), pages 648 - 652. IEEE Computer Society, 2004.
5. John F. Buford, Lundy Lewis, and Gabriel Jakobson. Insider threat detection using situation-aware MAS. In 11th International Conference on Information Fusion, pages 1-8, Cologne, Germany, 2008. IEEE Xplore.
6. Srilatha Chebrolua, Ajith Abrahama, and Johnson P. Thomas. Feature deduction and ensemble design of intrusion detection systems. Computers and Security, 24(4):295-307, 2004.
7. Jeffrey B. Colombe and Gregory Stephens. Statistical profiling and visualization for detection of malicious insider attacks on computer networks. In The 2004 ACM Workshop on Visualization and Data Mining for Computer Security, pages 138-142. ACM Press, 2004.
8. William Eberle and Lawrence Holder. Insider threat detection using graph-based approaches. In Cybersecurity Applications & Technology Conference For Homeland Security (CATCH), pages 237-241. IEEE Computer Society, 2009.
9. Dan Goodin. TJX breach was twice as big as admitted, banks say. The Register, 24 October 2007.
10. Todd Heberlein. Tactical operations and strategic intelligence: Sensor purpose and placement. Technical Report TR-2002-04.02, Net Squared, Inc., 9 September 2002 2002.
11. Nam Nguyen, Peter Reiher, and Geoffrey H. Kuenning. Detecting insider threats by monitoring system call activity. In 2003 IEEE Workshop on Information Assurance, pages 18-20, United States Military Academy, West Point, 2003. IEEE Computer Society.
12. Marisa Reddy Randazzo, Dawn Cappelli, Michelle Keeney, Andrew Moore, and Eileen Kowalski. U.S. secret service and CERT coordination center/SEI insider threat study: Illicit cyber activity in the banking and finance sector. Technical report, Software Engineering Institute, Carnegie Mellon University, August 2004.
13. Lance Spitzner. Honeypots: Catching the insider threat. In 19th Annual Computer Security Applications Conference (ACSAC '03), pages 170-179. IEE Computer Society, 2003.
14. Stuart Staniford, James A. Hoagland, and Joseph M. McAlerney. Practical automated detection of stealthy portscans. Journal of Computer Security, 10(1/2):105- 136, 2002.