Modeling User Communities for Identifying Security Risks in an Organization
Title | Modeling User Communities for Identifying Security Risks in an Organization |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Das, A., Shen, M. Y., Wang, J. |
Conference Name | 2017 IEEE International Conference on Big Data (Big Data) |
Date Published | December |
ISBN Number | 978-1-5386-2715-0 |
Keywords | community detection, Companies, entity behavior analytics, feature-based weight assignments, Human Behavior, human factors, insider threat, Louvain method, Louvain modularity, Measurement, Metrics, network traffic, Niara's data, Optimization, peer group creation, Peer grouping, peer grouping employees, peer to peer security, Peer-to-peer computing, Personnel, production environment, pubcrawl, resilience, Resiliency, Scalability, security, security of data, security risks, team working, Tools, UEBA, User and Entity Behavior Analytics, user communities, user feedback |
Abstract | In this paper, we address the problem of peer grouping employees in an organization for identifying security risks. Our motivation for studying peer grouping is its importance for a clear understanding of user and entity behavior analytics (UEBA) that is the primary tool for identifying insider threat through detecting anomalies in network traffic. We show that using Louvain method of community detection it is possible to automate peer group creation with feature-based weight assignments. Depending on the number of employees and their features we show that it is also possible to give each group a meaningful description. We present three new algorithms: one that allows an addition of new employees to already generated peer groups, another that allows for incorporating user feedback, and lastly one that provides the user with recommended nodes to be reassigned. We use Niara's data to validate our claims. The novelty of our method is its robustness, simplicity, scalability, and ease of deployment in a production environment. |
URL | http://ieeexplore.ieee.org/document/8258488/ |
DOI | 10.1109/BigData.2017.8258488 |
Citation Key | das_modeling_2017 |