Title
Preparing for the Next Wikileaks: Making Forensics Techniques Work
Abstract
The success of Manning in acquiring and releasing US State Department cables provides strong implications for the likelihood of similar insider threat attacks occurring again in the future. Such future attacks will likely employ more sophisticated methodologies. The first goal of this paper is to begin examining what such sophisticated insider threat attacks might include. Traditionally, organizations have avoided employing insider threat detection mechanisms due to the high rate of false positives and false negatives. This is a consequence of the chaotic nature and sheer volume of data needing analysis. A second goal of this paper is to begin proposing mechanisms by which insider threat detection can be made feasible, especially in critical domains. More specifically, this paper proposes multiple layers of event detection which, when correlated over time, will provide identification of significant irregularities requiring investigation.
Year
2011
DOI
10.1109/SADFE.2011.14
Venue
Systematic Approaches to Digital Forensic Engineering
Keywords
forensics techniques work, us state department cable, false positive, event detection, next wikileaks, future attack, similar insider threat attack, insider threat detection, insider threat detection mechanism, false negative, sophisticated insider threat attack, sophisticated methodology, false positive rate, correlation, computer forensics, government, forensics, intrusion detection, data visualization, data analysis
Field
Data visualization, Computer forensics, Computer security, Insider threat, Engineering, False positives and false negatives, Law enforcement, Intrusion detection system, Government
DocType
Conference
ISBN
978-1-4673-1242-4
Citations
0
PageRank
0.34
References
8
Authors
1
Name
Robert F. Erbacher
Order
1
Citations
202
PageRank
27.65