-
1
Anomaly detection using pattern-of-life visual metaphors
Published 2019“…Similar to other anomaly-detection techniques, false positives do exist in our general approach as well. …”
Journal article -
2
Modeling Advanced Persistent Threats to enhance anomaly detection techniques
Published 2018“…We find that attributes from the Command and Control phase of these attacks provide unique features that can be used by any anomaly detection systems. We further validate how expressive our abstract models are by formalizing a fifth APT and examining the behavior that was not captured.…”
Journal article -
3
A state machine system for insider threat detection
Published 2019“…Research has focused on providing rule-based detection systems or anomaly detection tools which use features indicative of malicious insider activity. …”
Conference item -
4
A Tripwire Grammar for Insider Threat Detection
Published 2016“…We then orchestrate these tripwires in conjunction with an anomaly detection system and present an approach to formalising tripwires of both categories. …”
Conference item -
5
Insider-threat detection: Lessons from deploying the CITD tool in three multinational organisations
Published 2022“…In order to fill this gap, we collaborated with three multinational commercial organisations who trialled our anomaly detection system, and worked with us to understand performance constraints for insider threat detection deployment and innate weaknesses in their operational contexts. …”
Journal article -
6
A Bayesian approach to insider threat detection
Published 2021“…The majority of proposed models for insider threat anomaly detection, mainly focus on processing network data. …”
Journal article -
7
Formalising policies for insider-threat detection: A tripwire grammar
Published 2017“…We then orchestrate these tripwires in conjunction with an anomaly detection system. We present a review of the security policies organisation apply and a grammar to describe tripwires. …”
Journal article