Written by tuzs
Methodology for Detecting Anomalous Interaction of Users with Information Assets to Identify Insider Activity.
- Abstract: The article describe us that the identification of insiders and insider activities in the organization is an actual direction of ensuring information security, since the high level of software development and hardware information protection brings the malicious actions of legitimate users to the fore. This article discusses the methodology which allows to identify anomalies in the organization’s employees interaction with information assets and its applicability is assessed in the context of work to detect malicious activities of insiders.
- Ключевые слова: insider, anomaly detection, insider threats, cosine similarity, IDF statistical measure, intrusion detection system