Combining host and network-based intrusion detection system to mitigate insider threat

Authors

Ajay K. KatangurFollow
Somasheker Akkaladevi
Dulal Kar

Abstract

Insider threat has been a serious problem to many companies whether they realize it or not. The threat can be posed by a legitimate user and/or someone that has relationship to the user. Insider threats can be prevented by following some steps, such as background checks. Technical solutions can also help in preventing the threat, such as regular monitoring of system activity and security training. However, prevention is not enough. As long as someone is working for the company, that company will always facing threats from insiders. Therefore, there is a need for an independent detection system to detect insider threats. In this paper we described a framework to combine host and network based activities for the development of a system to detect insider threats.

Document Type

Conference Proceeding

Publication Date

1-1-2016

Recommended Citation

Katangur, Ajay K., Somasheker Akkaladevi, and Dulal Kar. "Combining Host and Network-based Intrusion Detection System to Mitigate Insider Threat." Presentation at 29th International Conference on Computer Applications in Industry and Engineering, Denver, CO, September 26-28, 2016

Journal Title

29th International Conference on Computer Applications in Industry and Engineering, CAINE 2016