Title :
Who Really Did It? Controlling Malicious Insiders by Merging Biometric Behavior with Detection and Automated Responses
Author :
Gabrielson, Bruce
Abstract :
This ongoing research and development activity addresses aspects of a potential capability to detect credential misuse and a suggested alerting approach based on known attack conditions to support automated mitigation techniques. This research is based on the assumption that the audit data and human-computer activity characteristics extracted from networked components contain the footprint(s) of those trying to breach network security. It takes advantage of the combination of near-real-time suspicious activity detection with biometric behavior profiling to reduce profiling false positives and network access controls that enable faster and more focused responses to detected suspicious activities.
Keywords :
authorisation; biometrics (access control); computer network security; human computer interaction; alerting approach; audit data characteristics; automated mitigation techniques; automated responses; biometric behavior merging; biometric behavior profiling; credential misuse detection; detection responses; human-computer activity characteristics; malicious insider control; near-real-time suspicious activity detection; network access controls; profiling false positive reduction; Access control; Data mining; Hip; Intrusion detection; US Department of Defense; Workstations; NAC control; automated response; biometric profiling; data standards; insider threat detection;
Conference_Title :
System Science (HICSS), 2012 45th Hawaii International Conference on
Conference_Location :
Maui, HI
Print_ISBN :
978-1-4577-1925-7
Electronic_ISBN :
1530-1605
DOI :
10.1109/HICSS.2012.643