Profiler-2000: Attacking the Insider Threat

Abstract

The Profiler project was concerned with fundamental theoretical and measurement issues in the field of anomaly/intrusion detection, particularly as directed at the problem of insiders. Major issues addressed were: scientifically sound foundations for diverse anomaly detectors; tools and methods for assessment of detector effectiveness; and controlled benchmark data sets for testing. Major accomplishments of the project were: determining how the interaction between the architectural aspects of a detection algorithm, such as detection mechanism and coverage, can result in unanticipated vulnerabilities that allow an adversary to undermine the detector; production of calibrated test data sets; and rigorous assessment and error analysis of an anomaly detector in an insider-threat environment.

Document Details

Document Type: Technical Report
Publication Date: Sep 01, 2005
Accession Number: ADA439600

Entities

People

  • K. M. Tan
  • R. A. Maxion
  • S. S. Killourhy
  • T. N. Townsend

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • C4I
  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Algorithms
  • Change Detection
  • Computer Programs
  • Computers
  • Data Sets
  • Detection
  • Detectors
  • Error Analysis
  • Information Systems
  • Insider Threats
  • Intrusion Detection
  • Intrusion Detectors
  • Machine Learning
  • Mathematical Models
  • Operating Systems
  • Security
  • Warning Systems

Readers

  • Cybersecurity
  • Sensor Fusion and Tracking Systems
  • Systems Analysis and Design