Detecting malicious insider threats using a null affinity temporal three dimensional matrix relation

Jonathan White; Brajendra Panda; Quassai Yaseen; Khanh Nguyen; Weihan Li

Detecting malicious insider threats using a null affinity temporal three dimensional matrix relation

Jonathan White
, Brajendra Panda
, Quassai Yaseen
, Khanh Nguyen
, Weihan Li

University of Arkansas System

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Scopus citations

Abstract

A new approach for detecting malicious access to a database system is proposed and tested in this work. The proposed method relies upon manipulating usage information from database logs into three dimensional null-related matrix clusters that reveals new information about which sets of data items should never be related during defined temporal time frames across several applications. If access is detected in these three dimensional null-related clusters, this is an indication of illicit behavior, and further security procedures should occur. In this paper, we describe the null affinity algorithm and illustrate by several examples its use for problem decomposition and access control to data items which should not be accessed together, resulting in a new and novel way to detect malicious access that has never been proposed before.

Original language	English
Title of host publication	Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009
Pages	93-102
Number of pages	10
State	Published - 2009
Externally published	Yes
Event	7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009 - Milan, Italy Duration: 1 May 2009 → 1 May 2009

Publication series

Name	Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009

Conference

Conference	7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009
Country/Territory	Italy
City	Milan
Period	1/05/09 → 1/05/09

Cite this

White, J., Panda, B., Yaseen, Q., Nguyen, K., & Li, W. (2009). Detecting malicious insider threats using a null affinity temporal three dimensional matrix relation. In Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009 (pp. 93-102). (Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009).

White, Jonathan ; Panda, Brajendra ; Yaseen, Quassai et al. / Detecting malicious insider threats using a null affinity temporal three dimensional matrix relation. Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009. 2009. pp. 93-102 (Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009).

@inproceedings{7d3024455c1c4645ae8ca024deb8d9ce,

title = "Detecting malicious insider threats using a null affinity temporal three dimensional matrix relation",

abstract = "A new approach for detecting malicious access to a database system is proposed and tested in this work. The proposed method relies upon manipulating usage information from database logs into three dimensional null-related matrix clusters that reveals new information about which sets of data items should never be related during defined temporal time frames across several applications. If access is detected in these three dimensional null-related clusters, this is an indication of illicit behavior, and further security procedures should occur. In this paper, we describe the null affinity algorithm and illustrate by several examples its use for problem decomposition and access control to data items which should not be accessed together, resulting in a new and novel way to detect malicious access that has never been proposed before.",

author = "Jonathan White and Brajendra Panda and Quassai Yaseen and Khanh Nguyen and Weihan Li",

year = "2009",

language = "English",

isbn = "9789898111913",

series = "Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009",

pages = "93--102",

booktitle = "Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009",

note = "7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009 ; Conference date: 01-05-2009 Through 01-05-2009",

}

White, J, Panda, B, Yaseen, Q, Nguyen, K & Li, W 2009, Detecting malicious insider threats using a null affinity temporal three dimensional matrix relation. in Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009. Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009, pp. 93-102, 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009, Milan, Italy, 1/05/09.

Detecting malicious insider threats using a null affinity temporal three dimensional matrix relation. / White, Jonathan; Panda, Brajendra; Yaseen, Quassai et al.
Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009. 2009. p. 93-102 (Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Detecting malicious insider threats using a null affinity temporal three dimensional matrix relation

AU - White, Jonathan

AU - Panda, Brajendra

AU - Yaseen, Quassai

AU - Nguyen, Khanh

AU - Li, Weihan

PY - 2009

Y1 - 2009

N2 - A new approach for detecting malicious access to a database system is proposed and tested in this work. The proposed method relies upon manipulating usage information from database logs into three dimensional null-related matrix clusters that reveals new information about which sets of data items should never be related during defined temporal time frames across several applications. If access is detected in these three dimensional null-related clusters, this is an indication of illicit behavior, and further security procedures should occur. In this paper, we describe the null affinity algorithm and illustrate by several examples its use for problem decomposition and access control to data items which should not be accessed together, resulting in a new and novel way to detect malicious access that has never been proposed before.

AB - A new approach for detecting malicious access to a database system is proposed and tested in this work. The proposed method relies upon manipulating usage information from database logs into three dimensional null-related matrix clusters that reveals new information about which sets of data items should never be related during defined temporal time frames across several applications. If access is detected in these three dimensional null-related clusters, this is an indication of illicit behavior, and further security procedures should occur. In this paper, we describe the null affinity algorithm and illustrate by several examples its use for problem decomposition and access control to data items which should not be accessed together, resulting in a new and novel way to detect malicious access that has never been proposed before.

UR - https://www.scopus.com/pages/publications/71549144844

M3 - Conference contribution

AN - SCOPUS:71549144844

SN - 9789898111913

T3 - Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009

SP - 93

EP - 102

BT - Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009

T2 - 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009

Y2 - 1 May 2009 through 1 May 2009

ER -

White J, Panda B, Yaseen Q, Nguyen K, Li W. Detecting malicious insider threats using a null affinity temporal three dimensional matrix relation. In Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009. 2009. p. 93-102. (Security in Information Systems - Proceedings of the 7th International Workshop on Security in Information Systems - WOSIS 2009 In Conjunction with ICEIS 2009).

Detecting malicious insider threats using a null affinity temporal three dimensional matrix relation

Abstract

Publication series

Conference

Other files and links

Fingerprint

Cite this