Leveraging social networks to detect anomalous insider actions in collaborative environments

Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics, ISI 2011

Volumn , Issue , 2011, Pages 119-124

  Chen, You ^a   Nyemba, Steve ^a   Zhang, Wen ^b   Malin, Bradley ^a,b  

^a VANDERBILT UNIVERSITY MEDICAL CENTER   (United States)

^b VANDERBILT UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS LOG; AGGREGATE BEHAVIOR; COLLABORATIVE ENVIRONMENTS; COLLABORATIVE INFORMATION SYSTEMS; COMPLEX DYNAMIC SYSTEMS; ELECTRONIC HEALTH RECORD SYSTEMS; EMPIRICAL EVALUATIONS; INSIDER THREAT; INSIDER THREAT DETECTIONS; ROC CURVES; SOCIAL NETWORKS; SPECIALIZED NETWORKS; THEORETICAL BASIS; VARIOUS ATTACKS; WIKIPEDIA;

BEHAVIORAL RESEARCH; HEALTH RISKS; INFORMATION SCIENCE;

ELECTRONIC DOCUMENT EXCHANGE;

EID: 80052910270     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ISI.2011.5984061     Document Type: Conference Paper

References (28)

1. ADAMIC, L. A., AND ADAR, E. Friends and neighbors on the web. Social Networks 25(3) (2003), 211-230. (Pubitemid 36831776)
2. BYUN, 1., AND U, N. Purpose based access control for privacy protection in relational database systems. VLDB 17 (2008), 603-619 .
3. CHEN, Y., AND MALIN, B. Detection of anomalous insiders in collaborative environments via relational analysis of access logs. In CODA SPY (2011), pp. 63-74.
4. CHEN, Y., Y. U, CHENG, X., AND Guo, L. Survey and taxonomy of feature selection algorithms in intrusion detection system. In Inscrypt (2006), pp. 153-167. (Pubitemid 46039537)
5. Doss, G., AND G.TEJAY. Developing insider attack detection model: A grounded approach. In ISI(2009), pp. 107-112.
6. EBERLE, W., AND HOLDER, L. Applying graph-based anomaly detection approaches to the discovery of insider threats. In ISI(2009), pp. 206-208.
7. ELDENBURG, L., SODERSTROM, N., W ILLIS, Y., AND Wu, A. Behavioral changes following the collaborative development of an accounting information system. Accounting, Organizations and Society 35, 2 (2010), 222-237.
8. GEORGIADIS, c., MAVRIDIS, I., PANGALOS, G., AND THOMAS, R. Flexible team-based access control using contexts. In SACMAT (2001), pp. 21-27.
9. GRUBER, T. Collective knowledge systems: where the social web meets the semantic web. Journal of Web Semantics 6, 1 (2007), 4-13.
10. HILLESTAD, R., BIGELOW, J., BOWER, A., GIROSI, F., MElLI, R., SCOVILLE, R., AND TAYLOR, R. Can electronic medical record systems transform health care? Health Affairs 24 (2005), 1103-1107.
11. HUANG, C., U, T., WANG, H., AND CHANG, C. A collaborative support tool for creativity learning: Idea storming cube. In ICALT (2007), pp. 31-35.
12. KULKARNI, D., AND TRIPATHI, A. Context-aware role-based access control in pervasive computing systems. In SACMAT (2008), pp. 113-122.
13. LESKOVEC, J., HUTTENLOCHER, D., AND KLEINBERG, J. Governance in social media: A case study of the Wikipedia promotion process. In [CWSM (2010).
14. MALIN, B., NYEMBA, S., AND PAULETT, J. Learning relational policies from electronic health record access logs. JBI (2011), In Press.
15. MENACHEMI, N., AND BROOKS, R. Reviewing the benefits and costs of electronic health records and associated patient safety technologies. Journal of Medical Systems 30, 3 (2008), 159-168. (Pubitemid 44060918)
16. NOBLE, C. C., AND COOK, D. J. Graph-based anomaly detection. In SIGKDD (2003), pp. 631-636.
17. PARK, J., SANDHU, R., AND AHN, G. Role-based access control on the web. ACM Transactions on Information System Security 4, 1 (2001), 37-71.
18. SARWAR, B., KARYPIS, G., KONSTAN, J., AND J.RIEDL. Item-based collaborative filtering recommendation algorithms. In WWW (2001), pp. 285-295.
19. SCHULTZ, E. A framework for understanding and predicting insider attacks. Computers and Security 21, 6 (2002), 526-531. (Pubitemid 35186246)
20. SHEN, H., AND CHENG, X. Spectral methods for the detection of network community structure: A comparative analysis. Journal of Statistical Mechanics - T heory and Experiment PJ0020 (2010).
21. SHYU, M., CHEN, S., SARINNAPAKORN, K., AND CHANG, L. A novel anomaly detection scheme based on principal component classifier. In ICDM (2003), pp. 172-179.
22. SUN, 1., QU, H., CHAKRABARTI, D., AND FALOUTSOS, C. Neighborhood formation and anomaly detection in bipartite graph. In ICDM (2005), pp. 418-425. (Pubitemid 47385721)
23. THOMAS, R., AND SANDHU, S. Task-based authorization controls (tbac): A family of models for active and enterprise-oriented autorization management. In IFfP [CDS (1997), pp. 166-181.
24. WAGNER, D., AND SOTO, P. Mimicry attacks on host-based intrusion detection systems. In CCS (2002), pp. 255-264.
25. WANG, X., AND BAYRAK, C. Injecting a permission-based delegation model to secure web-based workflow systems. In ISI(2009), pp. 101-106.
26. W ESTPHAL, C. Data Mining for Intelligence, Fraud & Criminal Detection: Advanced Analytics & Information Sharing Technologies. CRC, 2008.
27. Y. W. SEO, AND K.SYCARA. Cost-sensitive access control for illegitimate confidential access by insiders. In ISI(2006), pp. 117-128. (Pubitemid 44045562)
28. ZHANG, L., AHN, G., AND CHU, B. A rule-based framework for rolebased delegation and revocation. ACM Transactions on Information System Security 6, 3 (2003), 404-441.