Abstract
Due to greater media attention on security vulnerabilities more companies are investing in technical security. Even though technical measures do prevent technical attacks, these digital strongholds do nothing when considering social engineering vulnerabilities. Although security advancements can help prevent intrusion and illicit communications, they are powerless in stopping an already-authorized entity. In the cases of account-sharing, willful account turn-over (“fake technical support”), or remote desktop control, there are no measures in place with existing security solutions. Our proposed system addresses this weakness, through a user action profiler. As a user interacts with a system, a log of their usage is stored. This profile can then be used to detect action discrepancies. Our research focused on building an early profiler system and analyzed profile data evolution over time. This data will be eventually integrated into an anomaly detection system, which will be able to analyze incoming usage data and make a comparison to historical patterns. The intent is to effectively prevent any forms of account sharing or remote account owning, by requiring an alternate form of verification if a significant anomaly is detected.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Martín-Albo, D., Leiva, L., Huang, J., Plamondon, R.: Strokes of insight: user intent detection and kinematic compression of mouse cursor trails. Inf. Process. Manag. 52(6), 989–1003 (2016)
Hills, M., Anjali, A.: A human factors contribution to countering insider threats: practical prospects from a novel approach to warning and avoiding. Secur. J. 30(1), 142–152 (2017)
Almehmadi, A., El-Khatib, K.: On the possibility of insider threat prevention using intent-based access control (IBAC). IEEE Syst. J. 11(2), 373–384 (2017)
Mills, J., Stuban, S., Dever, J.: Predict insider threats using human behaviors. IEEE Eng. Manag. Rev. 45(1), 39–48 (2017)
Thing, V., Liau, Y., Divakaran, D., Ko, L.: Insider threat detection and its future directions. Int. J. Secur. Netw. 12(3), 168 (2017)
Kloft, M., Laskov, P.: Online anomaly detection under adversarial impact. In: Teh, Y.W., Titterington, M. (eds.) Proceedings of the Thirteenth International Conference on Artificial Intelligence and Statistics, Series Proceedings of Machine Learning Research, vol. 9, pp. 405–412. Chia Laguna Resort, Sardinia (2010)
Moriano, P., Pendleton, J., Rich, S., Camp, L.J.: Insider threat event detection in user-system interactions. In: Proceedings of the 2017 International Workshop on Managing Insider Security Threats, pp. 1–12. ACM (2017)
Weak Healthcare Cybersecurity Employee Training Affects IT Security (2018). https://healthitsecurity.com/news/weak-healthcare-cybersecurity-employee-training-affects-it-security
Cybersecurity labor crunch to hit 3.5 million unfilled jobs by 2021 (2018). https://www.csoonline.com/article/3200024/cybersecurity-labor-crunch-to-hit-35-million-unfilled-jobs-by-2021.html
Fully 84 Percent of Hackers Leverage Social Engineering in Cyber Attacks (2018). https://www.esecurityplanet.com/hackers/fully-84-percent-of-hackers-leverage-social-engineering-in-attacks.html
Connecting the Dots: The Human Factor and the Cost of Cybercrime (2018). https://www.wombatsecurity.com/blog/phishing-social-engineering-the-human-factor-and-the-cost-of-cybercrime
Social engineering attacks costly for business (2018). https://www.csoonline.com/article/2129673/social-engineering-attacks-costly-for-business.html
Social Engineering: The Fastest Growing Threat to Business - Threat Sketch (2018). https://threatsketch.com/social-engineering-growing-threat-business/
CERT Definition of ‘Insider Threat’ – Updated (2018). https://insights.sei.cmu.edu/insider-threat/2017/03/cert-definition-of-insider-threat—updated.html
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Sasko, A., Hillsgrove, T., Gagneja, K., Katugampola, U. (2019). System Usage Profiling Metrics for Notifications on Abnormal User Behavior. In: Doss, R., Piramuthu, S., Zhou, W. (eds) Future Network Systems and Security. FNSS 2019. Communications in Computer and Information Science, vol 1113. Springer, Cham. https://doi.org/10.1007/978-3-030-34353-8_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-34353-8_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34352-1
Online ISBN: 978-3-030-34353-8
eBook Packages: Computer ScienceComputer Science (R0)