An Empirical Approach to Identify Information Misuse by Insiders (Extended Abstract)
RECENT ADVANCES IN INTRUSION DETECTION, RAID 2008(2008)
摘要
Rogue employees with access to sensitive information can easily abuse their access to engage in information theft. To help differentiate malicious from benign behavior, this study measures how participants, given a common search topic, seek information. This study uses double-blind procedures, a stratified sample, and carefully designed control and experimental conditions. We seek to validate previously identified network indicators (ELICIT), find new host-based behaviors, and consider other human attributes that affect the information-use of malicious insiders by comparing their behavior to equivalent non-malicious users.
更多查看译文
关键词
double-blind procedure,equivalent non-malicious user,common search topic,sensitive information,malicious insider,new host-based behavior,empirical approach,information theft,study measure,insider threat,malicious users,detection,benign behavior,misuse.,extended abstract,experimental condition,identify information misuse,stratified sampling
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要