Insider cyber threat situational awareness framwork using dynamic Bayesian networks

Insider cyber threat is a serious problem in resent years. Many traditional methods such as intrusion detection system and prevention system can not effectively deal with insider attack problems because they lack of dynamic inference capability to acquire and understand cyber situational awareness. This paper presented a framework model based on DBN to capture the dynamic user behavior and establish and improve inference ability. This model has used transition relationship of DBN and HMM and its better performance inference algorithm to infer next activity. Those performances are verified and compared by the experiments in the end.