Abstract | ||
---|---|---|
The annual incidence of insider attacks continues to grow, and there are indications this trend will continue. While there are a number of existing tools that can accurately identify known attacks, these are reactive (as opposed to proactive) in their enforcement, and may be eluded by previously unseen, adversarial behaviors. This paper proposes an approach that combines Structural Anomaly Detection (SA) from social and information networks and Psychological Profiling (PP) of individuals. SA uses technologies including graph analysis, dynamic tracking, and machine learning to detect structural anomalies in large-scale information network data, while PP constructs dynamic psychological profiles from behavioral patterns. Threats are finally identified through a fusion and ranking of outcomes from SA and PP. The proposed approach is illustrated by applying it to a large data set from a massively multi-player online game, World of War craft (WoW). The data set contains behavior traces from over 350,000 characters observed over a period of 6 months. SA is used to predict if and when characters quit their guild (a player association with similarities to a club or workgroup in non-gaming contexts), possibly causing damage to these social groups. PP serves to estimate the five-factor personality model for all characters. Both threads show good results on the gaming data set and thus validate the proposed approach. |
Year | DOI | Venue |
---|---|---|
2012 | 10.1109/SPW.2012.29 | IEEE Symposium on Security and Privacy Workshops |
Keywords | Field | DocType |
psychological profiling,dynamic tracking,gaming data,dynamic psychological profile,information network,large data,psychological context,social group,large-scale information network data,graph learning,proactive insider threat detection,hidden markov models,anomaly detection,context model,organizations,graph theory,data models,games,graph analysis,social groups,social networks,machine learning,psychology,data model,learning artificial intelligence,game semantics,hidden markov model,semantics | Anomaly detection,Data modeling,Behavioral pattern,Workgroup,Ranking,Computer science,Computer security,Insider threat,Power graph analysis,Insider,Artificial intelligence,Machine learning | Conference |
ISBN | Citations | PageRank |
978-1-4673-2157-0 | 24 | 1.22 |
References | Authors | |
5 | 8 |
Name | Order | Citations | PageRank |
---|---|---|---|
Oliver Brdiczka | 1 | 1076 | 57.49 |
Juan Liu | 2 | 1128 | 145.32 |
Bob Price | 3 | 481 | 31.72 |
Jianqiang Shen | 4 | 236 | 17.86 |
Akshay Patil | 5 | 35 | 1.87 |
Richard Chow | 6 | 559 | 28.46 |
Eugene Bart | 7 | 29 | 2.43 |
Nicolas Ducheneaut | 8 | 2284 | 162.30 |