Sciweavers

CIDM
2009
IEEE

Mining for insider threats in business transactions and processes

14 years 7 months ago
Mining for insider threats in business transactions and processes
—Protecting and securing sensitive information are critical challenges for businesses. Deliberate and intended actions such as malicious exploitation, theft or destruction of data, are not only harmful and difficult to detect, but frequently these threats are propagated by an insider. Unfortunately, current efforts to identify unauthorized access to information such as what is found in document control and management systems are limited in scope and capabilities. This paper presents an approach to detecting anomalies in business transactions and processes using a graph representation. In our graphbased anomaly detection (GBAD) approach, anomalous instances of structural patterns are discovered in data that represent entities, relationships and actions. A definition of graph-based anomalies and a brief description of the GBAD algorithms are presented, followed by empirical results using a discrete-event simulation of real-world business transactions and processes.
William Eberle, Lawrence B. Holder
Added 20 May 2010
Updated 20 May 2010
Type Conference
Year 2009
Where CIDM
Authors William Eberle, Lawrence B. Holder
Comments (0)