| 基于用户操作树的内部威胁检测模型 |
| |
| 引用本文: | 崔鹏,姚丹霖. 基于用户操作树的内部威胁检测模型[J]. 河北省科学院学报, 2008, 25(1): 10-14 |
| |
| 作者姓名: | 崔鹏 姚丹霖 |
| |
| 作者单位: | 国防科学技术大学,计算机学院,湖南,长沙,410073 |
| |
| 摘 要: | 企业组织网络所面临的威胁不仅来自外部,而且也来自内部,而内部威胁(Insider Threat)已被认为是一个非常严重的安全问题.现在,内部威胁分析检测工具方面的研究仍处于探索阶段,笔者提出一种新颖的基于用户操作树的内部威胁检测模型.该模型依据用户对系统的操作,定制生成该用户的操作树,通过分析用户操作树可以预测内部威胁的存在.
|
| 关 键 词: | 内部用户 用户操作树 最小操作树 用户操作轨迹串 |
| 文章编号: | 1001-9383(2008)01-0010-05 |
| 修稿时间: | 2008-01-02 |
Insider threat detection model based on operation tree |
| |
| CUI Peng,YAO Dan-lin. Insider threat detection model based on operation tree[J]. Journal of The Hebei Academy of Sciences, 2008, 25(1): 10-14 |
| |
| Authors: | CUI Peng YAO Dan-lin |
| |
| Affiliation: | School of Computer Science;National University of Defense Technology;Changsha Hunan 410073;China |
| |
| Abstract: | Threats that business corporations are facing come from not only the outsider,but also the insider.Nowadays,insider threats are widely recognized as an issue of ulmost importance for security management.However,the development of assessing instrument for discovery and analysis of insider threats is still in an explore stage.The present study provides a novel model for detecting insider threats.This model offers a minimal operation tree on the basis of the specific operation system of the customer.And this m... |
| |
| Keywords: | Insider Operation tree Minimal operation tree Operation trace |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
