Insider threats are one of the top security concerns facing large organizations. Current and former employees, business partners, contractors—anyone with the right level of access to a company’s data—can pose a threat. The incidence of insider threats has increased in recent years, at a significant cost to companies. Associate Professor Jingrui He is addressing this problem in a new project that seeks to detect and predict insider threats. She has been awarded a three-year, $200,000 grant from the C3.ai Digital Transformation Institute for her project, "Multi-Facet Rare Event Modeling of Adaptive Insider Threats."
According to He, the question her team seeks to answer is, "How can we detect and model the rare and adaptive insider threats in big organizations based on multimodal data, such as computer logon and logoff activities, email exchanges, and web browsing history?"
Insider threats are typically rare and involve only a small percentage of employees. To evade current detection systems, adaptive insiders change their strategies as they carry out attacks.
"Initially, we will integrate the information from multimodal data to detect both outliers and rare category types of insider threats," He said. "Then we will study the adaptive behaviors of insider threats and propose dynamic update techniques based on the models we develop."
He's team will work closely with Development Operations staff at the C3.ai Digital Transformation Institute, a research consortium jointly hosted by the University of Illinois and University of California, Berkeley. After implementing the models on the C3.ai platform, the team will use various public data sets, including the Computer Emergency Response Team (CERT) Insider Threat data set, to evaluate the models. John R. Birge, Hobart W. Williams Distinguished Service Professor of Operations Management at The University of Chicago Booth School of Business, will serve as co-principal investigator on the project.
He's general research theme is to design, build, and test a suite of automated and semi-automated methods to explore, understand, characterize, and predict real-world data by means of statistical machine learning. She received her PhD in machine learning from Carnegie Mellon University.