Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 2 of 2
Full-Text Articles in Physical Sciences and Mathematics
Development Of A Methodology For Customizing Insider Threat Auditing On A Linux Operating System, William T. Bai
Development Of A Methodology For Customizing Insider Threat Auditing On A Linux Operating System, William T. Bai
Theses and Dissertations
Insider threats can pose a great risk to organizations and by their very nature are difficult to protect against. Auditing and system logging are capabilities present in most operating systems and can be used for detecting insider activity. However, current auditing methods are typically applied in a haphazard way, if at all, and are not conducive to contributing to an effective insider threat security policy. This research develops a methodology for designing a customized auditing and logging template for a Linux operating system. An intent-based insider threat risk assessment methodology is presented to create use case scenarios tailored to address …
Digital Signal Processing Leveraged For Intrusion Detection, Theodore J. Erickson
Digital Signal Processing Leveraged For Intrusion Detection, Theodore J. Erickson
Theses and Dissertations
This thesis describes the development and evaluation of a novel system called the Network Attack Characterization Tool (NACT). The NACT employs digital signal processing to detect network intrusions, by exploiting the Lomb-Scargle periodogram method to obtain a spectrum for sampled network traffic. The Lomb-Scargle method for generating a periodogram allows for the processing of unevenly sampled network data. This method for determining a periodogram has not yet been used for intrusion detection. The spectrum is examined to determine if features exist above a significance level chosen by the user. These features are considered an attack, triggering an alarm. Two traffic …