Malicious insiders represent one of the most difficult categories of threats an organization must consider when mitigating operational risk. Insiders by definition possess elevated privileges; have knowledge about control measures; and may be able to bypass security measures designed to prevent, detect, or react to unauthorized access. In this paper, we
Log management and monitoring activities have traditionally proved very useful in detecting system and network faults. Increasingly, log monitoring has also been recognized for its value in detecting and thwarting malicious behavior on systems and the network. Unfortunately, the centralized methodologies for conducting log monitoring are often not well
Military and defense organizations rely upon the security of data stored in, and communicated through, their cyber infrastructure to fulfill their mission objectives. It is essential to identify threats to the cyber infrastructure in a timely manner so mission risks can be recognized and mitigated. Centralized event logging and correlation is a proven