{"title":"Using the Actionable Intelligence Approach for the DPI of Cybercrime Insider Investigation","authors":"Da-Yu Kao","doi":"10.23919/ICACT48636.2020.9061338","DOIUrl":null,"url":null,"abstract":"Cybercrime threats are often originating from trusted, malicious, or negligent insiders, who have excessive access privileges to an organization's network, system, or data. The sophistication of insider threats has led to cybercrime issues. Even when an incident is detected, the follow-up countermeasures are required to analyze the results. The analysis of cybercrime insider investigation presents many opportunities for actionable intelligence on improving the quality and value of digital evidence. There are several advantages of applying Deep Packet Inspection (DPI) methods in cybercrime insider investigation. This study discusses the importance of actionable intelligence to conduct investigations and addresses the countermeasure of a cybercrime insider investigation with DPI to detect anomalies in network packets.","PeriodicalId":296763,"journal":{"name":"2020 22nd International Conference on Advanced Communication Technology (ICACT)","volume":"156 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 22nd International Conference on Advanced Communication Technology (ICACT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/ICACT48636.2020.9061338","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 1
Abstract
Cybercrime threats often originate from trusted, malicious, or negligent insiders who have excessive access privileges to an organization's network, system, or data. The sophistication of insider threats has led to cybercrime issues. Even when an incident is detected, follow-up countermeasures are required to analyze the results. The analysis of cybercrime insider investigation presents many opportunities for actionable intelligence on improving the quality and value of digital evidence. There are several advantages to applying Deep Packet Inspection (DPI) methods in cybercrime insider investigation. This study discusses the importance of actionable intelligence in conducting investigations and addresses the countermeasure of a cybercrime insider investigation with DPI to detect anomalies in network packets.