Abstract :
Whether programs are called data loss prevention, content monitoring and filtering, employee activity monitoring, counter corruption, insider trading, or fraud detection, organizations have increasingly implemented projects and initiatives to examine and address insider threats. Insider-perpetrated computer crime is committed by individuals who have permission to use a system, and it is, therefore, based on the actions of trusted users. Most information walks out the front door, not through the firewall. This paper presents a theoretical model for analyzing human behavior according to an organization´s compliance with legal, institutional, and organizational laws. The theory uses case-based reasoning (CBR) technologies in conjunction with directed acyclic graphs (DAG) and a Hamming similarity function. Defined paths and path deviations in the graphs can be classified to answer automated questions(W7) regarding compliance. The procedure for this model is borrowed from criminology and is referred to as compliance profiling.
Keywords :
behavioural sciences computing; case-based reasoning; computer crime; computer forensics; directed graphs; CBR; DAG; Hamming similarity function; case based reasoning; compliance profiling; computer crime; content filtering; content monitoring; counter corruption; data loss prevention; directed acyclic graphs; employee activity monitoring; forensic questions; fraud detection; human behavior analysis; insider trading; Computerized monitoring; Forensics; Humans; Information analysis; Information filtering; Information security; Law; Legal factors; Stock markets; Uncertainty;
