intelligence community, IC, security, social network analysis, role-based access monitoring, insiders' communications, risk assessor, Natural Language Processing Center, NLP
Library and Information Science
Malicious insiders’ difficult-to-detect activities pose serious threats to the intelligence community (IC) when these activities go undetected. A novel approach that integrates the results of social network analysis, role-based access monitoring, and semantic analysis of insiders ’ communications as evidence for evaluation by a risk assessor is being tested on an IC simulation. A semantic analysis, by our proven Natural Language Processing (NLP) system, of the insider’s text-based communications produces conceptual representations that are clustered and compared on the expected vs. observed scope. The determined risk level produces an input to a risk analysis algorithm that is merged with outputs from the system’s social network analysis and role-based monitoring modules.
Symonenko, Svetlana; Liddy, Elizabeth D.; Yilmazel, Ozgur; Del Zoppo, Robert; and Brown, Eric, "Semantic Analysis for Monitoring Insider Threats" (2004). The School of Information Studies Faculty Scholarship. Paper 59.
Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.