Network Packet Analysis for Detecting Malicious Insider

With the wide spread use of the Internet, the cyber crimes have also increased. The industries are facing more and more cyber threats. The threats to an organization come not only from the outside but also from within the organization. The malicious insider in an organization uses the network facility to do the industrial espionage. The information in the form of packets that is being transferred over the network is essential to be analyzed to identify the suspicious activities. The paper proposes a framework to identify the various activities being performed by the user based on the network packet analysis. A methodology is proposed to identify the malicious insider in an organization.