Semantic Analysis for Monitoring Insider Threats

Author(s)/Creator(s)

Svetlana Symonenko, Syracuse University
Elizabeth D. Liddy, Syracuse UniversityFollow
Ozgur Yilmazel, Syracuse University
Robert Del Zoppo, Syracuse Research Corporation, Information Technologies Center
Eric Brown, Syracuse Research Corporation, Information Technologies Center

Document Type

Article

Date

2004

Keywords

intelligence community, IC, security, social network analysis, role-based access monitoring, insiders' communications, risk assessor, Natural Language Processing Center, NLP

Language

English

Disciplines

Library and Information Science

Description/Abstract

Malicious insiders’ difficult-to-detect activities pose serious threats to the intelligence community (IC) when these activities go undetected. A novel approach that integrates the results of social network analysis, role-based access monitoring, and semantic analysis of insiders ’ communications as evidence for evaluation by a risk assessor is being tested on an IC simulation. A semantic analysis, by our proven Natural Language Processing (NLP) system, of the insider’s text-based communications produces conceptual representations that are clustered and compared on the expected vs. observed scope. The determined risk level produces an input to a risk analysis algorithm that is merged with outputs from the system’s social network analysis and role-based monitoring modules.

Additional Information

Additional authors listed in paper.

Recommended Citation

Symonenko, Svetlana; Liddy, Elizabeth D.; Yilmazel, Ozgur; Del Zoppo, Robert; and Brown, Eric, "Semantic Analysis for Monitoring Insider Threats" (2004). School of Information Studies - Faculty Scholarship. 59.
https://surface.syr.edu/istpub/59

Creative Commons License

This work is licensed under a Creative Commons Attribution 3.0 License.