Keywords and Phrases

Insider threat detection; Intrustion Detection Systems

Abstract

"Insider threat detection is a major problem. Studies show that the extent of damage that could be caused by insiders is much more extensive than attacks from outside the organization. Intrusion detection systems in use are not geared to detect these attacks. This is because there is a great deal of overlap between insider behavior and that of the normal user. Moreover, intrusion detection systems are attuned to look for attacks from outside the organization. In distributed systems, the complexity of detecting intrusions is increased due to the difficulty in monitoring and correlating the events that happen in various subsystems. This work investigates insider threats, creation of insider-like attacks and briefly discusses the results of experiments conducted to detect such type of attacks.

In order to study and define, normal and intrusive behavior, a simulation of a network used to transport and stock boots in different centers was used. This is called the Boots system. During restudy functional requirements were added to the security requirements.

There were many insider threats that could not be detected solely by an intrusion detection system. In this study only the insider attacks that leave a paper trial and have some means of detection were considered"--Abstract, page iii.

Advisor(s)

Miller, Ann K.

Committee Member(s)

McMillin, Bruce M.
Stanley, R. Joe

Department(s)

Electrical and Computer Engineering

Degree Name

M.S. in Computer Engineering

Publisher

University of Missouri--Rolla

Publication Date

Summer 2003

Pagination

viii, 51 pages

Note about bibliography

Includes bibliographical references (pages 49-50).

Rights

Document Type

Thesis - Restricted Access

File Type

text

Language

English

Subject Headings

Computer networks -- Security measuresSoftware protectionComputer security

Thesis Number

T 8320

Print OCLC #

54849989

Recommended Citation

Balasubramanian, Krishna Prasad, "Insider attack scenarios and black box testing in support of insider threat detection" (2003). Masters Theses. 2381.
https://scholarsmine.mst.edu/masters_theses/2381

Download

Off-campus S&T users

Share My Thesis If you are the author of this work and would like to grant permission to make it openly accessible to all, please click the button above.

COinS

Masters Theses

Insider attack scenarios and black box testing in support of insider threat detection