• Use Of Network Activity Monitoring System To Solve Problems Case Study Of Benue Internal Revenue Service

  • CHAPTER TWO -- [Total Page(s) 5]

    • File activity monitoring (FAM) products are designed to monitor the patterns of legitimate users accessing enterprise file stores and alert security administrators to unusual activity. FAM is designed to go above and beyond the access control and logging capabilities built into operating systems, providing a usable way to perform both proactive and reactive security monitoring.
      FAM solutions could be used to:
      Track file access in real time and take action when abnormal activity is detected. The definition of "abnormal" may be customized to individual users, groups or the entire organization.
      Audit all accesses to a file in the event of a data leak to assist with the investigation.
      Identify all files accessed by a particular user who is suspected of corporate espionage.
      Identify users that have access permissions but are not using them. This may be especially helpful when performing audits designed to identify permissions that have accumulated as a result of privilege creep but are no longer necessary.
      2.10    Detecting Insider Threats by Monitoring System Call Activity
      Kuenning et al. (2001) analysed the detection of insider threats by monitoring system call activity. In their paper, they analysed system call traces to see whether it is possible to detect insider threats by monitoring file access and process activity. The raw data are looked at in a different manner: as the relationships between users and files, users and processes, and processes and files. By analysing these models and relationships, the authors want to learn whether it is possible to build an effective insider threat detection system for each of these relationships. If any of the models does not work, they want to discover the reasons and all technical difficulties behind the problem. Furthermore, they want to discover any characteristics or promising approaches that can help to build good profiles for users and processes. As a proof of concept, they implemented a small detection system that uses one of these profiles to detect a large set of buffer-overflow attacks.
      To analyse file access and process execution, they used a log of system activity: they already had a large database of system call traces, collected for the project using software developed for Seer. The traces were collected from ten machines with twenty users over two years. Their approach to analysing file access was to develop patterns for two models: user-oriented and process-oriented. When analysing patterns for each user, the authors decided to categorize the users into two sets: system users and normal users.
      In the end, the authors were able to design a system that detects insider misbehaviour, monitors system call activity and watches for danger signs or unusual behaviour. The authors describe an experimental system designed to test this approach. They tested the system's ability to detect common insider misbehaviour by examining file system and process-related system calls management
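An added illustration of the relationship profiling described in section 2.10, not code from Kuenning et al. or from this project: it learns user-file, user-process and process-file relationships from a training trace and reports later events that fall outside them. The record layout, the sample events and the choice to profile at directory level are assumptions made for the example.

```python
import posixpath
from collections import defaultdict

# Constructed trace records (user, process, syscall, path); not data from the paper.
TRAINING = [
    ("alice", "bash", "execve", "/usr/bin/vim"),
    ("alice", "vim", "open", "/home/alice/notes.txt"),
    ("alice", "bash", "execve", "/usr/bin/python3"),
    ("alice", "python3", "open", "/srv/reports/q1.csv"),
    ("bob", "bash", "execve", "/usr/bin/vim"),
    ("bob", "vim", "open", "/home/bob/todo.txt"),
]
LIVE = [
    ("alice", "vim", "open", "/home/alice/draft.txt"),  # inside every profile
    ("bob", "bash", "execve", "/usr/bin/python3"),      # program bob never ran
    ("bob", "python3", "open", "/srv/reports/q1.csv"),  # directory new to bob
    ("alice", "vim", "open", "/etc/shadow"),            # new to user and process
]

def build_profiles(events):
    """Learn user->directory, user->program and process->directory relationships."""
    profiles = {k: defaultdict(set) for k in ("user-file", "user-process", "process-file")}
    for user, proc, call, path in events:
        if call == "execve":
            profiles["user-process"][user].add(posixpath.basename(path))
        elif call == "open":
            directory = posixpath.dirname(path)
            profiles["user-file"][user].add(directory)
            profiles["process-file"][proc].add(directory)
    return profiles

def deviations(event, profiles):
    """Return the names of the learned relationships this event falls outside."""
    user, proc, call, path = event
    if call == "execve":
        known = profiles["user-process"].get(user, set())
        return [] if posixpath.basename(path) in known else ["user-process"]
    directory = posixpath.dirname(path)
    return [name for name, key in (("user-file", user), ("process-file", proc))
            if directory not in profiles[name].get(key, set())]

def detect(training, live):
    """Profile the training trace, then list live events with their deviations."""
    profiles = build_profiles(training)
    return [(e, d) for e in live if (d := deviations(e, profiles))]

if __name__ == "__main__":
    for event, broken in detect(TRAINING, LIVE):
        print(event, "->", ", ".join(broken))
```

An event that breaks more than one relationship, such as the last sample record, is a stronger signal than one that breaks a single profile, which is why the three relationships are kept separate.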
      References
      Balasubramania. N. A. Balasubramania and A. Venkataramani (2009) Energy consumption in mobile phone: A measurement study and implication for network application.
      Christopher Wiggins () Network Engineer at Micro Technology Consultants, Inc Fitzgerald, Georgia
      Kuenning, G.H. et al (2001) Detecting Insider Threats by Monitoring System Call Activity, Proceedings of the 2003 IEEE Workshop on Information Assurance United States Military Academy, West Point.
      Ningning Hu (2006) Network Monitoring ...