DTB Project: A Behavioral Model for Detecting Insider Threats

Abstract

This paper describes the Detection of Threat Behavior (DTB) project, a joint effort being conducted by George Mason University (GMU) and Information Extraction and Transport, Inc. (IET). DTB uses novel approaches for detecting insiders in tightly controlled computing environments. Innovations include a distributed system of dynamically generated document-centric intelligent agents for document control, object-oriented hybrid logic-based and probabilistic modeling to characterize and detect illicit insider behaviors, and automated data collection and data mining of the operational environment to continually learn and update the underlying statistical and probabilistic nature of characteristic behaviors. To evaluate the DTB concept, the authors are conducting a human subjects experiment, which they also will include in their discussion.

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2008
Accession Number
ADA489403

Entities

People

  • Daniel Barbara
  • Edward J. Wright
  • Ghazi Alghamdi
  • Kathryn B. Laskey
  • Mehul Revankar
  • Paulo C. G. Costa
  • Sepideh Mirza
  • Thomas Shackelford

Organizations

  • George Mason University

Tags

DTIC Thesaurus Topics

  • Abstracts
  • Bayesian Networks
  • Data Integration
  • Data Mining
  • Environment
  • False Alarms
  • Insider Threats
  • Machine Learning
  • Models
  • Ontologies
  • Probability
  • Random Variables
  • Security
  • Simulations
  • Standards
  • Threats
  • Universities

Fields of Study

  • Computer science

Readers

  • Artificial Intelligence
  • Cybersecurity
  • Maritime and Naval Warfare Studies

Technology Areas

  • AI & ML