Document Type
Article
Publication Date
2-2008
Abstract
Despite a technology bias that focuses on external electronic threats, insiders pose the greatest threat to an organisation. This paper discusses an approach to assist investigators in identifying potential insider threats. We discern employees' interests from e-mail using an extended version of PLSI. These interests are transformed into implicit and explicit social network graphs, which are used to locate potential insiders by identifying individuals who feel alienated from the organisation or have a hidden interest in a sensitive topic. By applying this technique to the Enron e-mail corpus, a small number of employees appear as potential insider threats.
DOI
10.1504/IJSN.2008.017224
Source Publication
International Journal of Security and Networks
Recommended Citation
Okolica, J. S., Peterson, G. L., & Mills, R. F. (2008). Using PLSI-U to detect insider threats by datamining e-mail. International Journal of Security and Networks, 3(2), 114. https://doi.org/10.1504/IJSN.2008.017224
Comments
Copyright © 2008 Inderscience Enterprises Ltd.
AFIT Scholar furnishes the draft version of this article. The published version of record appears in International Journal of Security and Networks and is available by subscription through the DOI link in the citation below.
Shared in accordance with archiving rules posted at Sherpa for this journal.