Center for Information Technology and Engineering, M.S. University, Tirunelveli, India.


It is widely recognized that the threat to enterprises from insider activities is increasing and
that significant costs are being incurred. The multi-faceted dimensions of insider threat and
compromising actions have resulted in diverse experience and understanding of what insider
threats are and how to detect or prevent them. The purpose of this research is to investigate the
potential for near real-time detection of insider threat activities within a large enterprise environment
using monitoring tools centred on the information infrastructure. As insider threat activities are not
confined solely to cyber-based threats, the research will explore the potential for harnessing a
variety of threat indicators buried in the different enterprise operations connected to or interfacing with
the information infrastructure, while enabling human analysts to make informed decisions efficiently
and effectively.


Intrusion detection and prevention system (IDPS); TCP; UDP; ICMP; time to live (TTL)
