The banking and stock exchange industries suffer from insider threat detection problems, which are being exacerbated by the rapid digitization of financial infrastructure. Traditional security measures would become increasingly ineffective when dealing with sophisticated internal actors that have legitimate access credentials. An advanced ML detection framework called Threat Sense is introduced here, which distinctively relies on and integrates behavioral analytics, temporal pattern recognition, and digital forensics capabilities for the protection of enterprise financial systems. The framework employs multivariate temporal sequence mining algorithms for detecting suspicious behavioral patterns with a very high accuracy rate in different transaction volumes and user activity patterns to make sure the firms are dealing with secure transactions. The trials for its application in three totally different financial institutions confirmed that the optimal operation is within adjusted data environments, and the detection power is directly proportional to the quality of data and accuracy of behavioral baseline measurements. The system provides continuous monitoring; it generates actionable security alerts while the forensic evidence’s chain-of-custody is meticulously preserved for later use in legal proceedings. In contrast to traditional detection systems, ThreatSense was able to detect the unauthorized access of financial data, covert transaction modifications, and the leakage of data at a high grade during the penetration testing exercises.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Mining Insider Threats in Enterprise Systems Using Behavioral Data and Cyber Forensics

  • Dhruv Dhayal,
  • Pratham Aggarwal,
  • Manzoor Ansari,
  • Masood Alam,
  • Murad Younas

摘要

The banking and stock exchange industries suffer from insider threat detection problems, which are being exacerbated by the rapid digitization of financial infrastructure. Traditional security measures would become increasingly ineffective when dealing with sophisticated internal actors that have legitimate access credentials. An advanced ML detection framework called Threat Sense is introduced here, which distinctively relies on and integrates behavioral analytics, temporal pattern recognition, and digital forensics capabilities for the protection of enterprise financial systems. The framework employs multivariate temporal sequence mining algorithms for detecting suspicious behavioral patterns with a very high accuracy rate in different transaction volumes and user activity patterns to make sure the firms are dealing with secure transactions. The trials for its application in three totally different financial institutions confirmed that the optimal operation is within adjusted data environments, and the detection power is directly proportional to the quality of data and accuracy of behavioral baseline measurements. The system provides continuous monitoring; it generates actionable security alerts while the forensic evidence’s chain-of-custody is meticulously preserved for later use in legal proceedings. In contrast to traditional detection systems, ThreatSense was able to detect the unauthorized access of financial data, covert transaction modifications, and the leakage of data at a high grade during the penetration testing exercises.