2016 IEEE Security and Privacy Workshops (SPW) 2016
DOI: 10.1109/spw.2016.14
|View full text |Cite
|
Sign up to set email alerts
|

A Model-Based Approach to Predicting the Performance of Insider Threat Detection Systems

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
12
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
4
2

Relationship

0
6

Authors

Journals

citations
Cited by 15 publications
(12 citation statements)
references
References 18 publications
0
12
0
Order By: Relevance
“…However, in the literature, we noticed that most of the detection approaches (26 articles) deployed Anomaly-based detection mechanism. In contrary, little works in [7], [36], [41], [55] and [60] implemented Misuse-based detection mechanism, while the combination of the two mechanisms were applied in [48] and [37]. A graphical representation of detection mechanisms that are implemented by existing approaches is shown in Figure 7.…”
Section: Detection Mechanismsmentioning
confidence: 99%
See 1 more Smart Citation
“…However, in the literature, we noticed that most of the detection approaches (26 articles) deployed Anomaly-based detection mechanism. In contrary, little works in [7], [36], [41], [55] and [60] implemented Misuse-based detection mechanism, while the combination of the two mechanisms were applied in [48] and [37]. A graphical representation of detection mechanisms that are implemented by existing approaches is shown in Figure 7.…”
Section: Detection Mechanismsmentioning
confidence: 99%
“…The last scenario was a data leakage attack that was conducted by masqueraders using email attachments. This dataset is utilized to validate the detection approaches in [36], [48], [49], [56] and [57].…”
Section: Table 4 Available Datasets Of Insider Threat Detection Approachesmentioning
confidence: 99%
“…Many articles focused on the use of cyber activity behaviors, login events, or the combination of login events with other features [55][56][57][58][59][60] using many different techniques. Nikolai and Wang [55] proposed a solution for data theft in Infrastructure as a Service IAAS Clouds; the k-nearest neighbor (KNN) is used to detect data theft in Clouds.…”
Section: Cyber Activity Behaviormentioning
confidence: 99%
“…Their monitoring system analyzed network messages patterns used to transfer data; using the similar KNN classifier technique and Dempster-Shafer theory by Punithavathani et al [57]. Roberts et al [56] provided a detection mechanism to counter insider threats in critical networks. W. Liu et al's [58] used the Bayesian networks (BNs) and novel modeling approach for the performance of insider threat detection.…”
Section: Cyber Activity Behaviormentioning
confidence: 99%
See 1 more Smart Citation