Open Access Journal

ISSN : 2394-2320 (Online)

International Journal of Engineering Research in Computer Science and Engineering (IJERCSE)

Monthly Journal for Computer Science and Engineering

A Technical Monitoring Tool to Mitigate Insider Threat under Windows Environment

Authors: Ashokkumar G, Prof. S. Rajendren

Date of Publication: 7th March 2015

Abstract: Insider vulnerability assessment and threat identification, based on event logs and security monitoring of Windows network machines, assist in identifying internal threats to an organization. It is the process of tightening security measures and actively monitoring the activities of internal employees. The organization's security analyst can assign severity levels and ranks to automate security alert information and monitoring. The add-on features for restriction settings and user activity monitoring are particularly essential for monitoring threats inside the organization. The dynamic nature of security requires that the security analyst be able to execute Windows batch and PowerShell commands on the same platform.
