A Survey of Insider Attack Detection Research

Abstract

This paper surveys proposed solutions for the problem of insider attack detection appearing in the computer security research literature. We distinguish between masqueraders and traitors as two distinct cases of insider attack. After describing the challenges of this problem and highlighting current approaches and techniques pursued by the research community for insider attack detection, we suggest directions for future research.

Document Details

Document Type
Technical Report
Publication Date
Aug 25, 2008
Accession Number
ADA519455

Entities

People

  • Malek B. Salem
  • Salvatore J. Stolfo
  • Shlomo Hershkop

Organizations

  • Columbia University

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes
  • Sensors

DTIC Thesaurus Topics

  • Anomaly Detection
  • Change Detection
  • Computer Crime
  • Computers
  • Cybersecurity
  • Data Mining
  • Data Sets
  • Detection
  • Detectors
  • Insider Threats
  • Machine Learning
  • Operating Systems
  • Probability
  • Security
  • Supervised Machine Learning
  • Test And Evaluation
  • Warning Systems

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Systems Analysis and Design

Technology Areas

  • Cyber