BIFROST: A STATISTICAL ANALYSIS FRAMEWORK FOR DETECTING INSIDER THREAT ACTIVITIES ON CYBER SYSTEMS
Findley, Scott E.
Shaffer, Alan B.
The purpose of this research is to investigate, design and implement a statistical analysis-based insider threat detection product deployable to resource-disadvantaged systems and provide organizations with a method for baselining the network profiles and host activities unique to their operational environments. Our system design seeks to alert the system and its operators to invest greater monitoring resources against hosts that exhibit threat characteristics of insider activity and to prevent such activities from inflicting harm on the system and/or causing an information-loss event for the organization. This system provides an initial starting point for future work, implementing one means of detecting insider threat activities; this implementation results in best- and worst-case detection rates of ~74% and ~68.2%, respectively, against our test data. We believe our framework provides a reasonable starting point for future work and improvement.
Approved for public release. Distribution is unlimited.