Bifrost: A Statistical Analysis Framework for Detecting Insider Threat Activities on Cyber Systems - Monitoring Network Resources Against Hosts Who Exhibit Threat Characteristics of Insider Activity

This report has been professionally converted for accurate flowing-text e-book format reproduction. The purpose of this research is to investigate, design and implement a statistical analysis-based insider threat detection product deployable to resource-disadvantaged systems and provide organizations with a method for baselining the network profiles and host activities unique to their operational environments. Our system design seeks to alert the system and its operators to invest greater monitoring resources against hosts who exhibit threat characteristics of insider activity and prevent such activities from inflicting harm on the system and/or causing an information-loss event for the organization. This system provides an initial starting point for future work, implementing one means of detecting insider threat activities; this implementation results in best- and worst-case detection rates of ~74% and ~68.2%, respectively, against our test data. We believe our framework provides a reasonable starting point for future work and improvement.

This compilation includes a reproduction of the 2019 Worldwide Threat Assessment of the U.S. Intelligence Community.

Significant effort and expense have been spent protecting information systems from external malicious threats, but relatively little has been done to evaluate the actions of legitimate users to prevent them from engaging in malicious or otherwise damaging activity. As seen in the recent DoD leaks by Edward Snowden, Bradley Manning, and Reality Winner, the insider threat possesses significant destructive potential against national security, international relations, and global commerce interests. While external threat protection systems, like antivirus software, are established to be viable threat prevention means and are ubiquitous on modern information technology (IT) systems, detection and prevention systems focused on insider threats are far less common. Previous work to improve insider threat detection and prevention includes efforts to apply existing frameworks and techniques to malicious activity detection, but they are disparate in their methods of classifying and assigning threat potential to the various user activity indicators. These differing means of describing malicious indicators and responding to threats are also often not applicable to the DoD due to the restrictions imposed by network authorization/validation processes and concerns unique to national security systems. We seek to alleviate this issue by producing a systems-agnostic solution capable of detecting insider activity within any organization's network without the need for integration or communications with any other external system.

by Progressive Management

eBook

$6.99 


Product Details

BN ID: 2940163318308
Publisher: Progressive Management
Publication date: 08/24/2019
Sold by: Smashwords
Format: eBook
File size: 5 MB

About the Author

Progressive Management: For over a quarter of a century, our news, educational, technical, scientific, and medical publications have made unique and valuable references accessible to all people. Our imprints include PM Medical Health News, Advanced Professional Education and News Service, Auto Racing Analysis, and World Spaceflight News. Many of our publications synthesize official information with original material. They are designed to provide a convenient user-friendly reference work to uniformly present authoritative knowledge that can be rapidly read, reviewed or searched. Vast archives of important data that might otherwise remain inaccessible are available for instant review no matter where you are. The e-book format makes a great reference work and educational tool. There is no other reference book that is as convenient, comprehensive, thoroughly researched, and portable - everything you need to know, from renowned experts you trust. Our e-books put knowledge at your fingertips, and an expert in your pocket!
