Profiler-2000: Attacking the Insider Threat

Profiler-2000: Attacking the Insider Threat

The Profiler project was concerned with fundamental theoretical and measurement issues in the field of anomaly/intrusion detection, particularly as directed at the problem of insiders. Major issues addressed were: scientifically sound foundations for divers anomaly detectors; tools and methods for a...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Maxion, R A, Tan, K M, Killourhy, S S, Townsend, T N
Format: Report
Sprache:eng
Schlagworte:
ADVERSARIES
ALGORITHMS
ANOMALIES
ANOMALY DETECTION
BENCHMARKS
CALIBRATION
COMPUTER ARCHITECTURE
Computer Systems Management and Standards
DATA BASES
DATA PROCESSING SECURITY
DETECTION ALGORITHMS
ERROR ANALYSIS
EXPERIMENTAL DATA
INSIDER THREATS
INTRUSION DETECTION
INTRUSION DETECTORS
Miscellaneous Detection and Detectors
PE62301E
PROFILER PROJECT
PROFILING
THREATS
WUAFRLIAST0006
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The Profiler project was concerned with fundamental theoretical and measurement issues in the field of anomaly/intrusion detection, particularly as directed at the problem of insiders. Major issues addressed were: scientifically sound foundations for divers anomaly detectors; tools and methods for assessment of detector effectiveness; and controlled benchmark data sets for testing. Major accomplishments of the project were: determining how the interaction between the architectural aspects of a detection algorithm, such as detection mechanism and coverage, can result in unanticipated vulnerabilities that allow an adversary to undermine the detector; production of calibrated test data sets; and rigorous assessment and error analysis of an anomaly detector in an insider-threat environment. The original document contains color images.