Masters Theses

Keywords and Phrases

Insider threat detection; Intrustion Detection Systems


"Insider threat detection is a major problem. Studies show that the extent of damage that could be caused by insiders is much more extensive than attacks from outside the organization. Intrusion detection systems in use are not geared to detect these attacks. This is because there is a great deal of overlap between insider behavior and that of the normal user. Moreover, intrusion detection systems are attuned to look for attacks from outside the organization. In distributed systems, the complexity of detecting intrusions is increased due to the difficulty in monitoring and correlating the events that happen in various subsystems. This work investigates insider threats, creation of insider-like attacks and briefly discusses the results of experiments conducted to detect such type of attacks.

In order to study and define, normal and intrusive behavior, a simulation of a network used to transport and stock boots in different centers was used. This is called the Boots system. During restudy functional requirements were added to the security requirements.

There were many insider threats that could not be detected solely by an intrusion detection system. In this study only the insider attacks that leave a paper trial and have some means of detection were considered"--Abstract, page iii.


Miller, Ann K.

Committee Member(s)

McMillin, Bruce M.
Stanley, R. Joe


Electrical and Computer Engineering

Degree Name

M.S. in Computer Engineering


University of Missouri--Rolla

Publication Date

Summer 2003


viii, 51 pages

Note about bibliography

Includes bibliographical references (pages 49-50).


© 2003 Krishna Prasad Balasubramanian, All rights reserved.

Document Type

Thesis - Restricted Access

File Type




Subject Headings

Computer networks -- Security measures
Software protection
Computer security

Thesis Number

T 8320

Print OCLC #


Link to Catalog Record

Electronic access to the full-text of this document is restricted to Missouri S&T users. Otherwise, request this publication directly from Missouri S&T Library or contact your local library.

Share My Thesis If you are the author of this work and would like to grant permission to make it openly accessible to all, please click the button above.