Files in this item



application/pdfNellikar_Suraj.pdf (1MB)
(no description provided)PDF


Title:Insider threat simulation and performance analysis of insider detection algorithms with role based models
Author(s):Nellikar, Suraj
Advisor(s):Nicol, David M.
Department / Program:Electrical & Computer Eng
Discipline:Electrical & Computer Engr
Degree Granting Institution:University of Illinois at Urbana-Champaign
Subject(s):Insider threat
Insider detection algorithms
Role-based access control
Abstract:Insider threat problems are widespread in industry today. They have resulted in huge losses to organizations. The security reports by leading organizations point out the fact that there have been many more insider attacks in recent years than any other form of attack. Detection of these insider threats is a top priority. One problem facing the detection mechanisms is that the real data for modeling is not easily available. This thesis describes a simulator which can simulate the insiders and generate access information in the form of logs. Currently there are many methods which use data mining algorithms to detect insider attacks. Role based detection is a well known mechanism to accurately distinguish insider behavior from the normal behavior. The thesis focuses on the advantages of using role based mechanisms for insider threat detection. Five algorithms have been chosen and performance analysis of these under various scenarios is carried out. The thesis discusses these results in detail. The simulator is built on the Scalable Simulation Framework (SSF). It is an extension of the Boeing simulator, JANUS. The simulator uses behavior files to model an insider/normal user and generates the access information using Markov chains.
Issue Date:2010-05-19
Rights Information:Copyright 2010 Suraj Nellikar
Date Available in IDEALS:2010-05-19
Date Deposited:May 2010

This item appears in the following Collection(s)

Item Statistics