Other formats:
BibTeX
LaTeX
RIS
@inproceedings{1699257, author = {Macák, Martin and Vanát, Ivan and Merjavý, Michal and Jevočin, Tomáš and Bühnová, Barbora}, address = {New York}, booktitle = {2020 Seventh International Conference on Social Networks Analysis, Management and Security (SNAMS)}, doi = {http://dx.doi.org/10.1109/SNAMS52053.2020.9336573}, keywords = {process mining; insider threat; audit log}, howpublished = {elektronická verze "online"}, language = {eng}, location = {New York}, isbn = {978-0-7381-1180-3}, pages = {250-255}, publisher = {IEEE}, title = {Towards Process Mining Utilization in Insider Threat Detection from Audit Logs}, url = {https://ieeexplore.ieee.org/document/9336573}, year = {2020} }
TY - JOUR ID - 1699257 AU - Macák, Martin - Vanát, Ivan - Merjavý, Michal - Jevočin, Tomáš - Bühnová, Barbora PY - 2020 TI - Towards Process Mining Utilization in Insider Threat Detection from Audit Logs PB - IEEE CY - New York SN - 9780738111803 KW - process mining KW - insider threat KW - audit log UR - https://ieeexplore.ieee.org/document/9336573 N2 - Nowadays, insider threats are one of the most significant cybersecurity threats. They are much more difficult to detect than external threats since insiders are authorized employees with legitimate access to the organization's resources. Malicious insider knows the organization and can act inconspicuously. Furthermore, threats do not even have to be intentional. Therefore, there can be a complicated background of malicious insider behavior, making it challenging to react adequately to these threats. In this paper, we propose to utilize process mining for insider threat detection using the organization's audit logs. We present the three different types of process mining utilization for insider threat detection from audit logs and discuss their usefulness, namely visual analysis, conformance checking, and declarative conformance checking. Lastly, we give recommendations for future work in this area based on our experience. ER -
MACÁK, Martin, Ivan VANÁT, Michal MERJAVÝ, Tomáš JEVOČIN and Barbora BÜHNOVÁ. Towards Process Mining Utilization in Insider Threat Detection from Audit Logs. Online. In \textit{2020 Seventh International Conference on Social Networks Analysis, Management and Security (SNAMS)}. New York: IEEE, 2020, p.~250-255. ISBN~978-0-7381-1180-3. Available from: https://dx.doi.org/10.1109/SNAMS52053.2020.9336573.
|