Detecting Anomalous Insiders in Collaborative Information Systems


Collaborative information systems (CISs) are deployed within a diverse array of environments that manage sensitive information. Current security mechanisms detect insider threats, but they are ill-suited to monitor systems in which users function in dynamic teams. In this paper, we introduce the community anomaly detection system (CADS), an unsupervised learning framework to detect insider threats based on the access logs of collaborative environments. The framework is based on the observation that typical CIS users tend to form community structures based on the subjects accessed (e.g., patients' records viewed by healthcare providers). CADS consists of two components: 1) relational pattern extraction, which derives community structures, and 2) anomaly prediction, which leverages a statistical model to determine when users have sufficiently deviated from communities. We further extend CADS into MetaCADS to account for the semantics of subjects (e.g., patients' diagnoses). To empirically evaluate the framework, we perform an assessment with three months of access logs from a real electronic health record (EHR) system in a large medical center. The results illustrate that our models exhibit significant performance gains over state-of-the-art competitors. When the number of illicit users is low, MetaCADS is the best model, but as the number grows, commonly accessed semantics lead to hiding in a crowd, such that CADS is more prudent.
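The two-stage idea in the abstract (derive communities from access logs, then score how far each user deviates from their community) can be illustrated with a simplified sketch. This is an added example, not the paper's algorithm or code: the Jaccard similarity, the k-nearest-neighbour notion of community, the deviation score, the z-score threshold, and the access log itself are all assumptions made for illustration.

```python
from statistics import mean, pstdev

# Constructed access log: two teams sharing patients, plus "u7" who touches
# records across both teams and two records nobody else accesses.
_RAW = {
    "u1": "p1 p2 p3", "u2": "p1 p2 p4", "u3": "p2 p3 p4",
    "u4": "p5 p6 p7", "u5": "p5 p6 p8", "u6": "p6 p7 p8",
    "u7": "p1 p5 p9 p10",
}
ACCESS_LOG = [(u, s) for u, subs in _RAW.items() for s in subs.split()]

def build_profiles(log):
    """Collapse (user, subject) events into a set of subjects per user."""
    profiles = {}
    for user, subject in log:
        profiles.setdefault(user, set()).add(subject)
    return profiles

def jaccard(a, b):
    """Overlap of two users' accessed subjects, in [0, 1]."""
    union = a | b
    return len(a & b) / len(union) if union else 0.0

def communities(profiles, k):
    """Stage 1 (assumed form): a user's community is their k most similar peers."""
    result = {}
    for user, subjects in profiles.items():
        sims = sorted(
            ((jaccard(subjects, other_subj), other)
             for other, other_subj in profiles.items() if other != user),
            reverse=True,
        )
        result[user] = sims[:k]
    return result

def deviation_scores(profiles, k=2):
    """Stage 2 (assumed form): 1 - mean similarity to the user's own community."""
    return {
        user: 1.0 - (mean(s for s, _ in nbrs) if nbrs else 0.0)
        for user, nbrs in communities(profiles, k).items()
    }

def flag_anomalies(scores, z_threshold=2.0):
    """Flag users whose deviation is an outlier relative to the population."""
    mu, sigma = mean(scores.values()), pstdev(scores.values())
    if sigma == 0:  # everyone deviates equally: nothing stands out
        return []
    return sorted(u for u, s in scores.items() if (s - mu) / sigma > z_threshold)
```

Because the score is relative to the population, many users with similar scattered access patterns raise the mean and shrink each other's z-scores, which is the same "hiding in a crowd" effect the abstract describes.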
