Detecting Insider Threats in Software Systems using Graph Models of Behavioral Paths

Title: Detecting Insider Threats in Software Systems using Graph Models of Behavioral Paths
Publication Type: Conference Proceedings
Year of Publication: 2015
Authors: Hemank Lamba, Thomas Glazier, Bradley Schmerl, Jurgen Pfeffer, David Garlan
Conference Name: HotSoS '15 Proceedings of the 2015 Symposium and Bootcamp on the Science of Security
Date Published: 04/21/2015
Publisher: ACM New York, NY, USA ©2015
Conference Location: Urbana-Champaign, IL
ISBN Number: 978-1-4503-3376-4
Keywords: CMU, July'15

Insider threats are a well-known problem, and previous studies have shown that they have a huge impact on a wide range of sectors, such as financial services, governments, critical infrastructure services and the telecommunications sector. Users, while interacting with any software system, leave a trace of what nodes they accessed and in what sequence. We propose to translate these sequences of observed activities into paths on the graph of the underlying software architectural model. We propose a clustering algorithm to find anomalies in the data, which can be combined with contextual information to confirm an anomaly as an insider threat.

Citation Key: node-24937

Other available formats:

Lamba_Detecting_Insider_Threats_DG.pdf (PDF document, 268.14 KB)