Abstract
Complex organizational environments require highly skilled employees who are good at their everyday work and, at the same time, digitally literate and capable of using communication platforms and social media. Moreover, employees' familiarity with technology and their tendency to bring their own devices to work have created an additional headache for information security officers, who fear that several backdoors can be opened into the organization's security infrastructure, not only by misuse of the devices but also by a potentially highly skilled employee. The social profiler tool proposed in this chapter aims at identifying potential insider threats using organizational information, i.e., communication messages from either emails or social media. The information collected is then analyzed using a custom vocabulary, which contains keywords related to the sensitive information of the organization, in order to produce a list of employees who can potentially become insider threats. Finally, the social profiler tool incorporates six different visualizations of the employees under investigation, with attributes such as their behavioral profile, ego network, word cloud, and a comparative profile of each employee in contrast to other profiles in their network. The tool's effectiveness has been tested with an actual business communication dataset using a well-established generic vocabulary, demonstrating promising results.
© 2018 Springer International Publishing AG
About this chapter
Cite this chapter
Karampelas, P. (2018). An Organizational Visualization Profiler Tool Based on Social Interactions. In: Karampelas, P., Bourlai, T. (eds) Surveillance in Action. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-319-68533-5_18
DOI: https://doi.org/10.1007/978-3-319-68533-5_18
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68532-8
Online ISBN: 978-3-319-68533-5
eBook Packages: Political Science and International Studies (R0)