Study on user’s identification system in insider threats

PEI Qing-qi1; ZHAO Peng2; ZHANG Hong-bin3; WANG Chao2; YIN Hao1

您当前的位置：

首页 >

文章列表页 >

Study on user’s identification system in insider threats

更新时间：2024-10-14

- Study on user’s identification system in insider threats
- Vol. 30, Issue S2, Pages: 121-126(2009)
- 作者机构：
  
  1. 中国电子设备系统工程公司研究所
  2. 西安电子科技大学计算机网络与信息安全教育部重点实验室
  3. 河北科技大学信息科学与工程学院
- 作者简介：
- 基金信息：
- DOI：
  CLC： TP393.08
- Published：2009
- 稿件说明：
移动端阅览
PEI Qing-qi1, ZHAO Peng2, ZHANG Hong-bin3, et al. Study on user’s identification system in insider threats[J]. 2009, 30(S2): 121-126.
DOI：

PEI Qing-qi1, ZHAO Peng2, ZHANG Hong-bin3, et al. Study on user’s identification system in insider threats[J]. 2009, 30(S2): 121-126. DOI：

摘要

监控用户的异常行为是进行冒充检测的一种有效途径

将这种方法应用到内部威胁的身份鉴别当中

用基于TAN的贝叶斯网络建立反映用户行为特征的进程信息模型

当用户行为偏离特征模型时

可以有效判断出用户的身份。实验结果表明

通过监控用户调用的进程名称和相应的进程数可以很好检测冒充攻击并且能够识别攻击者的身份。

Abstract

Monitoring user’s abnormal behaviors

which is an effective method to detect impersonation

is used for im-personation detection in insider threats.A model is built by using TAN-based Bayesian network to reflect the characteris-tics of user’s behavior.When the deviation from the model is found

the system can determine the identity of the user.As a result

experiments show that the monitoring numbers of processes called by users can be very effective on detecting impersonation and can identify the identity of the attacker.

关键词

Keywords

references

Views

736

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Study on user behavior profiling in insider threat detection

Business process mining based insider threat detection system

Related Author

Yuanbo GUO

Chunhui LIU

Jing KONG

Yifeng WANG

Tai-ming ZHU

Yuan-bo GUO

An-kang JU

Jun MA

Related Institution

Cryptography Engineering Institute, Information Engineering University

Unit 61213 of The Chinese People's Liberation Army

School of Cyberspace Security,PLA Information Engineering University

State Key Laboratory of Mathematical Engineering and Advanced Computing

AI问答

⁰