Semantic analysis for monitoring insider threats

Svetlana Symonenko, Elizabeth D. Liddy, Ozgur Yilmazel, Robert Del Zoppo, Eric Brown, Matt Downey

Research output: Chapter in Book/Entry/Poem › Chapter

18 Scopus citations

Abstract

Malicious insiders' difficult-to-detect activities pose serious threats to the intelligence community (IC) when these activities go undetected. A novel approach that integrates the results of social network analysis, role-based access monitoring, and semantic analysis of insiders' communications as evidence for evaluation by a risk assessor is being tested on an IC simulation. A semantic analysis, by our proven Natural Language Processing (NLP) system, of the insider's text-based communications produces conceptual representations that are clustered and compared on the expected vs. observed scope. The determined risk level produces an input to a risk analysis algorithm that is merged with outputs from the system's social network analysis and role-based monitoring modules.

Original language: English (US)
Title of host publication: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Editors: Hsinchun Chen, Daniel D. Zeng, Reagan Moore, John Leavitt
Publisher: Springer Verlag
Pages: 492-500
Number of pages: 9
ISBN (Electronic): 9783540221258
State: Published - 2004

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 3073
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science
