본문 바로가기
[학술저널]

  • 학술저널

김해동(고려대학교) 김준홍(고려대학교) 박민식(고려대학교) 조수현(고려대학교) 강필성(고려대학교)

DOI : 10.7232/JKIIE.2017.43.4.276

UCI(KEPA) : I410-ECN-0101-2018-530-001173473

표지

북마크 0

리뷰 0

이용수 277

피인용수 0

초록

In this paper, we propose insider threat detection methods based on user behavior modeling and novelty detection algorithms. Although traditional insider treat detection methods focus on the rule-based approaches built by domain knowledge of experts, it turns out that they are neither flexible nor robust. Recently, machine learning-based approaches have been highlighted as an alternative to rule-based approaches because data driven detection system can be more applicable to actual systems. To do so, we first design the user behavior model that transforms log records of user activities, inappropriate for machine learning algorithms, into numerical vectors to encode user behaviors to instances. Then we apply variable selection methods and novelty detection algorithms to efficiently detect the rare insider treats or malicious (suspicious) activities. Experimental results support that the proposed framework can work well for severally imbalanced data sets in which there are only a few insider threats although no domain experts’ knowledge is provided.

목차

1. 서론
2. 문헌연구
3. CERT 데이터 및 이상치 탐지 방법
4. 실험결과
5. 결론
참고문헌

리뷰(0)

도움이 되었어요.0

도움이 안되었어요.0

첫 리뷰를 남겨주세요.
DBpia에서 서비스 중인 논문에 한하여 피인용 수가 반영됩니다.
인용된 논문이 DBpia에서 서비스 중이라면, 아래 [참고문헌 신청]을 통해서 등록해보세요.
Insert title here