Muhammad Zunair Ahmed Khan, Muhammad Mubashir Khan, J. Arshad
Published in: 2022 3rd International Conference on Innovations in Computer Science & Software Engineering (ICONICS)
Publication date: 2022-12-14
DOI: 10.1109/ICONICS56716.2022.10100596 (https://doi.org/10.1109/ICONICS56716.2022.10100596)
Anomaly Detection and Enterprise Security using User and Entity Behavior Analytics (UEBA)
Digital fraud is made possible by a lack of transparency and other security flaws in a system. Consequently, it has grown to be the most pervasive problem in the world. When these frauds emerge from within businesses, they are referred to as insider threats and may lead to severe consequences. Various frameworks have been proposed to lessen this problem; however, transparency still remains a challenge. Conventionally, storing data in chronological order to prevent data manipulation is one technique to ensure traceability and security. In this paper, we present a framework based on the User Entity and Behavioral Analysis (UEBA) approach to study user profiles over time and classify them as normal or aberrant. The proposed framework utilises additional information, including IP addresses, location data, and the users’ organizations. We focus on applying data science and analytical methods to create data visualizations for analysis and anomaly identification.