Faisal M. Sibai

Learn More
There has been a constant growing security concern on insider attacks on network accessible computer systems. Users with power credentials can do almost anything they want with the systems they own with very little control or oversight. Most breaches occurring nowadays by power users are considered legitimate access and not necessarily intrusions.(More)
Insider threats are a growing problem in today's organizations. Detecting such attacks is especially challenging because most system owners and system administrators use networks to remotely manage the systems they are responsible for. In previous work, we introduced the Autonomic Violation Prevention System (AVPS) that has a scalable architecture to deal(More)
—Dealing with the insider threat in networked environments poses many challenges. Privileged users have great power over the systems they own in organizations. To mitigate the potential threat posed by insiders, we introduced in previous work a preliminary architecture for the Autonomic Violation Prevention System (AVPS), which is designed to self-protect(More)
—Dealing with the insider threat in networked environments poses many challenges. Privileged users have great power over the systems they own in organizations. To mitigate the potential threat posed by insiders, we introduced in previous work a preliminary architecture for the Autonomic Violation Prevention System (AVPS), which is designed to self-protect(More)
  • 1