DocumentCode
630124
Title
Layered behavioral trace modeling for threat detection
Author
Mappus, Rudolph L. ; Briscoe, Erica
Author_Institution
Georgia Tech Res. Inst., Atlanta, GA, USA
fYear
2013
fDate
4-7 June 2013
Firstpage
173
Lastpage
175
Abstract
A fundamental problem in detecting threats to security by monitoring computer usage is the high number of false positives that are created when analyzing a large data set for anomalous behavior. We address the problem by modeling user behavior at multiple scales so as to allow for the identification of potential insider threats from users' logged activity by tracking users' activity over time. In this work, we apply a novel method for representing user activity at multiple temporal scales to a dataset that contains malicious behavior. We report our detection results and discuss how a layered detection method may be advantageous for the discovery of specific types of malicious behavior.
Keywords
security of data; anomalous behavior; computer usage monitoring; layered behavioral trace modeling; malicious behavior; multiple temporal scales; threat detection; Tracking;
fLanguage
English
Publisher
ieee
Conference_Titel
Intelligence and Security Informatics (ISI), 2013 IEEE International Conference on
Conference_Location
Seattle, WA
Print_ISBN
978-1-4673-6214-6
Type
conf
DOI
10.1109/ISI.2013.6578813
Filename
6578813