International Conference on Advances In Engineering And Technology - ICAET 2014
Author(s): NATAASHA RAUL, NEHA LOKHANDE, PRIYANK CHHEDA, SIDDHESH KARODE
Traditional security measures have been developed to protect computer systems and the data within them, mainly against outside attackers. However, in the modern world, new types of threat arise from bribable employees. Insider threats have the potential to inflict severe damage on an organization’s resources, financial assets and reputation. There are many types of insider threat, which can break confidentiality, integrity, or availability. This paper focuses on violations of confidentiality and integrity through privilege misuse or escalation in sensitive applications. First, we analyze and identify insider-threat scenarios that compromise confidentiality and integrity. We then discuss how to detect each threat scenario by analyzing primitive user activities. We have implemented a threat detection mechanism by extending the capabilities of existing software packages. Since our approach can detect the insider’s malicious behavior before the malicious insider’s goal is achieved, we can prevent the possible damage proactively. In this paper we apply our ideas to the Windows environment as well as the Linux environment.