About
In many instances, the most damaging information attacks are perpetrated by privileged insiders. Malicious insiders bring the power of human intellect, unmatched by computers, and, being insiders, the knowledge of "what to look for" and "how to access it". The insider's behavior leaves digital trails (computer log data) that can be observed and processed to detect malicious intent before the damage is incurred. This is done by bridging many available sources of information into more understandable event graphs, connected by causal relationships. These event graphs provide more insight into the reasoning behind certain actions of the privileged insider.

The behavior formalization approach proposed herein is intended for a wide class of complex systems with human operators. The resulting models are suitable for solving behavior analysis problems, ultimately addressing the safety and efficiency of critical infrastructure. The deployment of the proposed technology in a computer system will surely make the task of performing insider attacks by privileged users more difficult and risky.

KEY ELEMENTS
- Creation of individual defenses for systems that could be targeted by information attack
- Capable of detecting any "extracurricular" activities, either malicious or benign
- Seamlessly upgraded normalcy profile

APPLICATIONS
- The behavior formalization approach system is intended for a wide class of complex systems with human operators (i.e. computer systems)

ADVANTAGES
- The technology is based on structured behavior tracking and not on statistical averages
- Reduction in false positive rate
- Improved report quality
- Detection of more advanced cases

PATENTING
Patent strategy is currently under evaluation.