Abstract
A lot of work has been done to prevent attacks from external sources and a great deal of success has been achieved. However, studies to detect internal attacks aren’t sufficient today. One of the most important studies for the detection of insider attacks is User and Entity Behavior Analysis (UEBA). In this letter, UEBA studies in the literature were reviewed and The Computer Emergency and Response Team Dataset was analyzed (CERT). For this purpose, preprocessing and feature extraction steps were applied on CERT datasets. Several log files combined with respect to user and for each user the number of activities in the specified time interval were obtained. The python code of these preprocessing and feature extraction steps were shared as open source in GitHub platform. In the final phase, future analysis was described and UEBA system planned to be designed was explained.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Journal of Soft Computing and Artificial Intelligence
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
