The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.
A digital immune system designed to detect and neutralize identity-based threats from within an organization
Personal data analysis project combining insider threat detection, cybersecurity, and exploratory data analytics. Built for portfolio showcase and practical skills demonstration.
A Hybrid Approach for Insider Threat Detection Using System Call Analysis and Malware API Monitoring.
Simulated threat detection project using Splunk with custom logs, dashboard, and MITRE ATT&CK mapping
The Public Distribution List and Mailbox Forward Reports are developed to enhance security auditing in Microsoft 365’s Exchange Online and on-premises Exchange environments.
Simulated and detected a stealthy insider threat ‘Alex’, who moved from file snooping to SSH brute-forcing. Includes PCAPs, Zeek logs, NetworkMiner analysis, and a full incident report.
The Common Criteria for Insider Threat
Insider Threat Monitor
생성형 AI를 활용한 국가안보 침해 내부자 행위 선제 감시 체계 설계
Thesis project
Add a description, image, and links to the insider-threat topic page so that developers can more easily learn about it.
To associate your repository with the insider-threat topic, visit your repo's landing page and select "manage topics."
