Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • Overview
  • Workshop Organizers
  • Workshop Program
  • Co-Located Workshops
  • Activities
    • Birds-of-a-Feather Sessions
  • Students and Grants
  • Sponsorship
  • Questions?
  • Help Promote!
  • For Participants
  • Call for Papers
  • Past Workshops

sponsors

Bronze Sponsor

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home » Simulating Malicious Insiders in Real Host-Monitored User Data
Tweet

connect with us

http://twitter.com/usenixsecurity
http://www.usenix.org/facebook
http://www.usenix.org/linkedin
http://www.usenix.org/gplus
http://www.usenix.org/youtube

Simulating Malicious Insiders in Real Host-Monitored User Data

Authors: 

Kurt Wallnau, Brian Lindauer, and Michael Theis, Carnegie Mellon University; Robert Durst, Terrance Champion, Eric Renouf, and Christian Petersen, Skaion Corp.

Abstract: 

Our task is to produce test data for a research program developing a new generation of insider threat detection technologies. Test data is created by injecting fictional malicious activity into a background of real user activity. We rely on fictional narratives to specify threats that simulate realistic social complexity, with “drama as data” as a central organizing metaphor. Test cases are scripted as episodes of a fictional crime series, and compiled into time-series data of fictional characters. Users are selected from background to perform the role of fictional characters that best match their real-world roles and activities. Fictional activity is blended into the activity of real users in the cast. The cast and unmodified background users perform dramas in test windows: performances are test cases. Performances by different casts of users, or by the same cast of users in different test windows, constitute distinct test cases.

Kurt Wallnau, Carnegie Mellon University

Brian Lindauer, Carnegie Mellon University

Michael Theis, Carnegie Mellon University

Robert Durst, Skaion Corp

Terrance Champion, Skaion Corp

Eric Renouf, Skaion Corp

Christian Petersen, Skaion Corp

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

Wallnau PDF
View the slides
  • Log in or    Register to post comments

Bronze Sponsors

© USENIX

  • Privacy Policy
  • Contact Us