An Insider Threat Detection Framework Using Attributed Graph Clustering.
SPEAKER: Anagi Gamachchi
Date: Friday 13th July
Time: 3:00pm–4:00pm (Talk & Q/A)
Venue: Building 8 Level 9 Room 66 (AGR)
RMIT City campus
The seminar will be followed by snacks and drinks
All students, staff and visitors are welcome
Abstract: While most organisations continue to invest in traditional network defences, a formidable security challenge has been brewing within their own boundaries. Malicious insiders with privileged access, in the guise of a trusted source, have carried out many attacks causing far-reaching damage to financial stability, national security and brand reputation for both public and private sector organisations. Growing exposure and impact of the whistle-blower community and concerns about job security with changing organisational dynamics have further aggravated this situation. The unpredictability of malicious attackers and the complexity of malicious actions necessitate the careful analysis of network, system and user parameters correlated with the insider threat problem. This creates a high-dimensional, heterogeneous data analysis problem in isolating suspicious users in the context of the insider threat problem. We will present an insider threat detection framework which utilises attributed graph clustering techniques and outlier ranking mechanisms for enterprise users.
Biography: Anagi Gamachchi received her PhD in May 2018 from RMIT University. Her PhD research investigated the insider threat problem in detail through many use cases. The research produced mathematical models for insider threat mitigation, incorporating user behaviour analysis and graph-theoretic approaches for feature extraction and threat detection. Her primary research interest lies in cyber security and is directed towards the study of insider threat detection and user behaviour analysis.