Title: Detection of Insider Threat Based on Forensic Analysis of Windows
Abstract: Insider threats are security threats by actors having access to the organization’s IT infrastructure like employees, contractors, etc. Conventional network security systems can fail in detecting insider threats as the malicious activity never crosses the endpoint. Most researchers focus on monitoring a user’s activity on a host machine to detect threats. However, in the absence of a monitoring mechanism when responding to an insider threat attack, it is impossible to detect the threats. In our paper, we apply forensic analysis of a Windows machine to detect insider attacks.
Publication Year: 2022
Publication Date: 2022-01-01
Language: en
Type: book-chapter
Indexed In: ['crossref']