As a countermeasure against insider threats in a broad sense, a method of detecting suspicious behavior of the accounts on a file server is presented. Our proposed method employs some statistics as usage features and the deviation from other users as an anomaly score. An experiment is conducted on a file server which is actually used by tens of thousands of users. We report some characteristic behavior of the accounts which are detected as anomaly by the method.
CITATION STYLE
Ohori, R., & Torii, S. (2017). Suspicious user detection based on file server usage features. In Advances in Intelligent Systems and Computing (Vol. 612, pp. 467–470). Springer Verlag. https://doi.org/10.1007/978-3-319-61542-4_44
Mendeley helps you to discover research relevant for your work.