Considering various business workflows or deployment scope, printer manufacturers provide various
solutions/configurations to counter misuse of resources, document security, along with ease of use.
It is a challenge to track/flag a compromised device.
Existing malicious activity detection approaches use either signature‐based detection or require a
prior knowledge of specific IoC (indicators of compromise) characteristics or behaviours from manual
identification based on network anomalies or SIEM (Security Information and Event Management)
logs, etc. The proposed idea contributes to extended detection and response (XDR) within ecosystem
of deployment. Solution is to keep monitoring all outgoing network traffic within the host, uniquely
assess their integrity with user job flow data and classify any malicious activity with more precision,
alert device user and admin through SIEM for actionable security response.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 4.0 License.
INC, HP, "DETECT ROGUE loT BASED ON THE BEHAVIOUR ANALYSIS OF DEVICE WORKFLOW PATTERNS", Technical Disclosure Commons, (February 10, 2021)