A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf
.
Information behaving badly
2013
Proceedings of the 2013 workshop on New security paradigms workshop - NSPW '13
Traditionally, insider threat detection has focused on observing human actors -or, more precisely, computer accounts and processes acting on behalf of those actors -to model their "normal" behavior, then determine if they have performed some anomalous action and, further, if that action is malicious. In this paper, we shift the paradigm from observing human behavior to observing information behavior by modeling how documents flow through an organization. We hypothesize that similar types of
doi:10.1145/2535813.2535825
dblp:conf/nspw/ArdBGS13
fatcat:b7jvrsacarhp3fb7td3vf2c2qq