Title :
Identifying and Visualizing the Malicious Insider Threat Using Bipartite Graphs
Author :
Nance, Kara ; Marty, Raffael
Author_Institution :
Dept. of Comput. Sci., Univ. of Alaska Fairbanks, Fairbanks, AK, USA
Abstract :
Government agencies and organizations are just beginning to harness the powerful capabilities of visualization to aid in the prevention, detection, and mitigation of security threats. Most advances in this area have focused on protecting an agency or organization from malicious outsiders. While not a new threat, the malicious insider has recently earned increased focus. This paper investigates methods of classifying and visualizing insider behavior to establish a pattern of acceptable actions based on workgroup role classifications. It then discusses actions as related to identified precursors of malicious activities and provides a simplified example of how visualization can be used to help detect this threat. When visualized using bipartite mappings, behaviors outside the norm can be easily identified and provide an important step in the process of highlighting areas and individuals for further investigation.
Keywords :
data visualisation; graph theory; pattern classification; security of data; acceptable action pattern; behavior classification; behavior visualizaption; bipartite graph; bipartite mapping; malicious activities; malicious insider threat identification; malicious insider threat visualization; security threat detection; security threat mitigation; security threat prevention; workgroup role classification; Electronic mail; Law; Organizations; Patents; Printing; Visualization;
Conference_Titel :
System Sciences (HICSS), 2011 44th Hawaii International Conference on
Conference_Location :
Kauai, HI
Print_ISBN :
978-1-4244-9618-1
DOI :
10.1109/HICSS.2011.231
