Anomalies in network access create unwanted flow of traffic in organizational networks. They include unauthorized access by users such as IP address belonging to one comp...Show More
Metadata
Abstract:
Anomalies in network access create unwanted flow of traffic in organizational networks. They include unauthorized access by users such as IP address belonging to one company being used by an employee of another company or accessing organizational IP's from outside the company network or locations. They pose the threat to data integrity and could result in business data being exposed to third party networks. Some users having remote access, connect to office networks from their personal networks while travelling or working from home. In spite of leaving an organization, some users could still access company networks if their access are not revoked properly. This paper through UEBA approach, focuses on monitoring user profiles, their network usage data, IP Addresses, Location of Access and Companies to which users belong to, over a period of time and classify them into normal usage and anomalies. The researchers use data visualization analytics method to create visual representations of data for analysis and detecting anomalies in them.