nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

18. An Organizational Visualization Profiler Tool Based on Social Interactions

verfasst von : Panagiotis Karampelas

Erschienen in: Surveillance in Action

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Complex organizational environments require highly-skilled employees who are both good at their everyday work and at the same time digitally literate, capable of using communication platforms and social media. Moreover, the familiarization of employees with technology and their tendency to bring their own devices at work, has created an additional headache for information security officers who fear that several backdoors can be opened to the organization security infrastructure not only by the misuse of the devices but also by a potentially highly-skilled employee. The proposed, in this chapter, social profiler tool aims at identifying potential inside threats using organizational information i.e., communication messages either from emails or social media. The information collected is then analyzed using a custom vocabulary which contains keywords related to the sensitive information of the organization in order to produce a list of employees who can potentially become insider threats. Finally, the social profiler tool incorporates six different visualizations of the employees under investigation with attributes such as their behavioral profile, ego network, word cloud, and a comparative profile of each employee in contrast to other profiles in their network. The tool’s effectiveness has been tested with an actual business communication dataset using a well-established generic vocabulary demonstrating promising results.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Detecting Users Who Share Extremist Content on Twitter

Nächstes Kapitel Cyber-Surveillance Analysis for Supercomputing Environments

Bader BW, Berry MW, Browne M (2008) Discussion tracking in Enron email using PARAFAC. In: Survey of text mining II, pp 147–163

Balakrishnan B (2015) Insider threat mitigation guidance. SANS Institute InfoSec Reading Room

BERR (2008) Information security breaches survey 2008, 22 April 2008. http://www.eurim.org.uk/activities/ig/voi/DBERR.pdf. Accessed 17 June 2017

Brdiczka O, Liu J, Price B, Shen J, Patil A, Chow R, Bart E, Ducheneaut N (2012) Proactive insider threat detection through graph learning and psychological context. In: 2012 IEEE Symposium on Security and Privacy Workshops (SPW). IEEE, pp 142–149

Cason K (2014) Kumo—Java Word Cloud. https://github.com/kennycason/kumo. Accessed 10 May 2017

Cohen W (2015) Enron email dataset. Accessed 8 May 2015

Cole E (2015) Insider threats and the need for fast and directed response. Technical report, SANS Institute InfoSec Reading Room

Decherchi S, Tacconi S, Redi J, Leoncini A, Sangiacomo F, Zunino R (2009) Text clustering for digital forensics analysis. Comput Intell Secur Inf Syst 29–36

Eldardiry H, Bart E, Liu J, Hanley J, Price B, Brdiczka O (2013) Multi-domain information fusion for insider threat detection. In: 2013 IEEE security and privacy workshops (SPW). IEEE, pp 45–51

10.

Everett M, Borgatti SP (2005) Ego network betweenness. Soc Netw 27(1):31–38CrossRef

11.

Fan W, Gordon MD (2014) The power of social media analytics. Commun ACM 57(6):74–81CrossRef

12.

Hershkop S, Stolfo SJ (2006) Behavior-based email analysis with application to spam detection. Columbia University

13.

INSA (2015) Intelligence and national security alliance insider threat. https://www.insaonline.org/issues/insider-threat/. Accessed 10 June 2017

14.

Kandias M, Mylonas A, Virvilis N, Theoharidou M, Gritzalis D (2010) An insider threat prediction model. In: International conference on trust, privacy and security in digital business. Springer, Berlin, pp 26–37

15.

Karampelas P (2014) Visual methods and tools for social network analysis. In: Encyclopedia of social network analysis and mining. Springer New York, pp 2314–2327

16.

National Institute of Standards and Technology (2014) Framework for improving critical infrastructure cybersecurity

17.

Nurse JR, Buckley O, Legg PA, Goldsmith M, Creese S, Wright GR, Whitty M (2014) Understanding insider threat: a framework for characterising attacks. In: 2014 IEEE security and privacy workshops (SPW). IEEE, pp 214–228

18.

Persaud A, Guan Y (2005) A framework for email investigations. In: IFIP international conference on digital forensics. Springer, US, pp 79–90

19.

Poll H, Kellett A (2015) Vormetric insider threat report

20.

Schwartz SH (1994) Are there universal aspects in the structure and contents of human values? J Soc Issues 50(4):19–45CrossRef

21.

Silowash G, Cappelli D, Moore A, Trzeciak R, Shimeall TJ, Flynn L (2012) Common sense guide to mitigating insider threats, 4th edn (No. CMU/SEI-2012-TR-012). Carnegie Mellon University Software Engineering Institute, Pittsburgh, PA

22.

Spitzner L (2003) Honeypots: catching the insider threat. In: 19th annual proceedings of the computer security applications conference, 2003. IEEE, pp 170–179

23.

Stolfo SJ, Hershkop S, Hu CW, Li WJ, Nimeskern O, Wang K (2006) Behavior-based modeling and its application to email analysis. ACM Trans Internet Technol (TOIT) 6(2):187–221CrossRef

24.

Van Alstyne M, Zhang J (2003) Emailnet: a system for automatically mining social networks from organizational email communication. Ann Arbor 1001:48109

25.

Warkentin M, Willison R (2009) Behavioral and policy issues in information systems security: the insider threat. Eur J Inf Syst 18(2):101CrossRef

26.

Xenaros A, Karampelas P, Lekea I (2016) Profiling individuals based on email analysis and ego networks: a visualization technique. In: 2016 IEEE/ACM international conference on advances in social networks analysis and mining (ASONAM). IEEE, pp 1262–1269

27.

Zhou Y (2008) Mining organizational emails for social networks with application to Enron corpus. Doctoral dissertation, Rensselaer Polytechnic Institute

28.

Zhou Y, Fleischmann KR, Wallace WA (2010) Automatic text analysis of values in the Enron email dataset: clustering a social network using the value patterns of actors. In: 2010 43rd Hawaii international conference on system sciences (HICSS). IEEE, pp 1–10

Titel: An Organizational Visualization Profiler Tool Based on Social Interactions
verfasst von: Panagiotis Karampelas
Verlag: Springer International Publishing
Buch: Surveillance in Action
Print ISBN: 978-3-319-68532-8

Electronic ISBN: 978-3-319-68533-5

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-319-68533-5_18

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"