Informatics and Applications
2020, Volume 14, Issue 3, pp 71-75
MATHEMATICAL STATISTICS IN THE TASK OF IDENTIFYING HOSTILE INSIDERS
- N. A. Grusho
- M. I. Zabezhailo
- D. V. Smirnov
- E. E. Timonina
- S. Ya. Shorgin
Abstract
The paper explores approaches to identifying hostile insiders of an organization who use collusion. Identifying an organized group of information security violators is one of the most complex tasks in ensuring the security of an organization. The source data for analysis consist of many small samples describing the functioning of the organization's information technologies. This set can be considered big data. A clustering method is used to reduce the amount of source data, which makes it possible to use mathematical statistics efficiently, i.e., to identify the small samples carrying information about hostile insiders. The difficulty of the task was to lose as few of the needed small samples as possible. Conditions have been found under which, in the series scheme, the probability of identifying insiders using collusion tends to 1.
About this article
Cover Date
2020-09-30
DOI
10.14357/19922264200310
Print ISSN
1992-2264
Publisher
Institute of Informatics Problems, Russian Academy of Sciences
Key words
identification of the organized group of hostile insiders; small samples; big data; mathematical statistics
Authors
N. A. Grusho, M. I. Zabezhailo, D. V. Smirnov, E. E. Timonina, and S. Ya. Shorgin
Author Affiliations
Institute of Informatics Problems, Federal Research Center "Computer Science and Control" of the Russian Academy of Sciences, 44-2 Vavilov Str., Moscow 119333, Russian Federation
A. A. Dorodnicyn Computing Center, Federal Research Center "Computer Science and Control" of the Russian Academy of Sciences, 40 Vavilov Str., Moscow 119333, Russian Federation
Sberbank of Russia, 19 Vavilov Str., Moscow 117999, Russian Federation