Server Monitoring Application for Insider Attack Detection and Prevention

Abstract

Although insider attacks have increased rapidly in recent years and cause enormous damages, there are very few academic studies that have investigated this problem and proposed a solution. Many of these attacks are kept private for reasons such as loss of prestige and advantage of competing companies. The main difference between insider attacks and external attacks is that in the former case, attackers are authorized users in the organization. This causes countermeasures against external attacks to be useless and facilitates the exploitation of weaknesses. In the detection of insider attacks, all unusual events need to be scrutinized. Therefore, risk assessment should be done first to determine vulnerabilities against insider attacks and necessary precautions should be taken in this direction. In this study, general insider attack features and past attacks were investigated, and a server monitoring application was developed to detect suspicious activities. Organizations using this system will be informed about their level of risk, and improve their level of preparation and ability to identify potential attackers by analyzing the collected data.

Authors and Affiliations

Halil İbrahim ULUS, Mehmet DEMİRCİ

Keywords

Related Articles

Artificial Neural Network Based Early Warning System For Aydin Province Towards Air Factors Which Primarily Affect Human Health

Temperature, air quality index and ultraviolet index, which are basic air parameters, affect human health significantly. It is important to inform people about the precautions to be taken for these factors affecting huma...

Design and Control of Multi – Input Multi – Output DC-DC Converter for Neutral Point Clamped Inverters

In this study, multi-input multi-output DC/DC converter topology is presented for both multi-source operation and voltage unbalancing of Neutral Point Clamped (NPC) inverters. Multi-source operation is provided with mult...

Design and Numerical Analysis of a Double-Tube Magnetorheological Shock Absorber for Vehicle Seat Suspension Systems

In scissors-type suspension mechanisms of the driver's seats of vehicles such as tractors, trucks and buses, conventional double-tube shock absorbers are often used as dampers due to the length of the course. The damping...

The Effect of Heat Treatments on Alloying of Pre-mixed Al + 4.5 wt. % Cu Powders

In this study, 4.5 wt. % Cu powder was added to Al powder and mixed for 45 minutes to produce premixed metal powders. Premixed powders were compacted by cold pressing at 20 MPa. After that these samples were pressed at 5...

Predicting Academic Achievement with Machine Learning Methods

In spite of the projects and physical investments implemented in the field of education in our country in recent years, the successes of the students in the national and international examinations has not increased at th...

Download PDF file
  • EP ID EP490828
  • DOI 10.29109/gujsc.351365
  • Views 77
  • Downloads 0

How To Cite

Halil İbrahim ULUS, Mehmet DEMİRCİ (2018). Server Monitoring Application for Insider Attack Detection and Prevention. Gazi Üniversitesi Fen Bilimleri Dergisi Part C: Tasarım ve Teknoloji, 6(3), 507-523. https://europub.co.uk./articles/-A-490828