Fine-Grain Document Access Modeling and Monitoring

Abstract

This project builds software tools to store documents in the PPS (Partial Persistent Sequence) system, monitor accesses to PPS documents, and analyze the access patterns to find cyber insider attacks. PPS uses a simple API access authorization scheme to thwart direct data transfer cyber insider attacks. A combination of fine-grained access monitoring data and statistical analysis on combined sub-sessions supports the effective detection (and prevention) of next generation cyber insider attacks that only steal minimized and targeted data transfers through legitimate APIs.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Nov 01, 2012
Accession Number
ADA570631

Entities

People

  • Calton Pu
  • Christopher Grayson

Organizations

  • Georgia Tech Research Corporation

Tags

DTIC Thesaurus Topics

  • Air Force
  • Air Force Research Laboratories
  • Correlation Analysis
  • Data Transmission
  • Databases
  • Demographic Cohorts
  • Detection
  • Graphical User Interface
  • Html
  • Information Science
  • Insider Threats
  • Institutional Review Board
  • Intrusion Detection
  • Operating Systems
  • Statistical Analysis
  • Web Browsers
  • Word Processors

Fields of Study

  • Computer science

Readers

  • Database Systems and Applications
  • Electrical Engineering
  • Government and Public Administration Law.

Technology Areas

  • Cyber