TY - GEN
T1 - Visualizing insider threats
T2 - 22nd International Conference on Intelligent User Interfaces, IUI 2017
AU - Haim, Bar
AU - Menahem, Eitan
AU - Wolfsthal, Yaron
AU - Meenan, Christopher
PY - 2017/3/7
Y1 - 2017/3/7
N2 - With the ever-growing volume of cyber-attacks on organizations, security analysts require effective visual interfaces and interaction techniques to detect security breaches and, equally importantly, to efficiently share threat information. To support this need, we present a tool called "User Behavior Analytics" (UBA) that conducts continuous analysis of individuals' usage of their organizational IT networks, and effectively visualizes the associated security exposures of the organization. The UBA tool was developed as an extension of IBM's security analytics environment, and incorporates a risk-focused dashboard that highlights anomalous user behaviors and the aggregated risk levels associated with individual users, user groups, and overall system security state. Moreover, the tool's dashboard has been designed to facilitate rapid review of security incidents and correlate them with data from various sources such as user directory and HR systems. In doing so, the tool presents busy security analysts with an effective means to visually identify and respond to cyber threats on the organization's crown jewels. Copyright is held by the author/owner(s).
AB - With the ever-growing volume of cyber-attacks on organizations, security analysts require effective visual interfaces and interaction techniques to detect security breaches and, equally importantly, to efficiently share threat information. To support this need, we present a tool called "User Behavior Analytics" (UBA) that conducts continuous analysis of individuals' usage of their organizational IT networks, and effectively visualizes the associated security exposures of the organization. The UBA tool was developed as an extension of IBM's security analytics environment, and incorporates a risk-focused dashboard that highlights anomalous user behaviors and the aggregated risk levels associated with individual users, user groups, and overall system security state. Moreover, the tool's dashboard has been designed to facilitate rapid review of security incidents and correlate them with data from various sources such as user directory and HR systems. In doing so, the tool presents busy security analysts with an effective means to visually identify and respond to cyber threats on the organization's crown jewels. Copyright is held by the author/owner(s).
KW - Anomaly detection
KW - Insider threat
KW - User behavior analytics
UR - http://www.scopus.com/inward/record.url?scp=85016638587&partnerID=8YFLogxK
U2 - 10.1145/3030024.3038264
DO - 10.1145/3030024.3038264
M3 - Conference contribution
AN - SCOPUS:85016638587
T3 - International Conference on Intelligent User Interfaces, Proceedings IUI
SP - 39
EP - 42
BT - IUI 2017 - Companion of the 22nd International Conference on Intelligent User Interfaces
PB - Association for Computing Machinery
Y2 - 13 March 2017 through 16 March 2017
ER -