Role-Based Access Control Models
Computer
CSCW '96 Proceedings of the 1996 ACM conference on Computer supported cooperative work
Self-organizing maps
An access control framework for multi-user collaborative environments
GROUP '99 Proceedings of the international ACM SIGGROUP conference on Supporting group work
Normalized Cuts and Image Segmentation
IEEE Transactions on Pattern Analysis and Machine Intelligence
Flexible team-based access control using contexts
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based access control on the web
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Enhancing Effectiveness of Outlier Detections for Low Density Patterns
PAKDD '02 Proceedings of the 6th Pacific-Asia Conference on Advances in Knowledge Discovery and Data Mining
Discovering cluster-based local outliers
Pattern Recognition Letters
Role mining - revealing business roles for security administration using data mining technology
Proceedings of the eighth ACM symposium on Access control models and technologies
A rule-based framework for role-based delegation and revocation
ACM Transactions on Information and System Security (TISSEC)
Countering terrorism through information technology
Communications of the ACM - Homeland security
On clusterings: Good, bad and spectral
Journal of the ACM (JACM)
Graph Theoretic and Spectral Analysis of Enron Email Data
Computational & Mathematical Organization Theory
Dynamic social network analysis using latent space models
ACM SIGKDD Explorations Newsletter
Journal of Medical Systems
Computer
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
A group-based authorization model for cooperative systems
ECSCW'97 Proceedings of the fifth conference on European Conference on Computer-Supported Cooperative Work
Collective knowledge systems: Where the Social Web meets the Semantic Web
Web Semantics: Science, Services and Agents on the World Wide Web
Statistical properties of community structure in large social and information networks
Proceedings of the 17th international conference on World Wide Web
Mining roles with semantic meanings
Proceedings of the 13th ACM symposium on Access control models and technologies
Modeling trust in collaborative information systems
COLCOM '07 Proceedings of the 2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing
Robust support vector machine with bullet hole image classification
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
Explaining accesses to electronic health records
Proceedings of the 2011 workshop on Data mining for medicine and healthcare
Context-aware anomaly detection for electronic medical record systems
HealthSec'11 Proceedings of the 2nd USENIX conference on Health security and privacy
Proceedings of the VLDB Endowment
BLOCK: a black-box approach for detection of state violation attacks towards web applications
Proceedings of the 27th Annual Computer Security Applications Conference
SENTINEL: securing database from logic flaws in web applications
Proceedings of the second ACM conference on Data and Application Security and Privacy
Protecting web-based patient portal for the security and privacy of electronic medical records
HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
Mining Deviations from Patient Care Pathways via Electronic Medical Record System Audits
ACM Transactions on Management Information Systems (TMIS) - Special Issue on Informatics for Smart Health and Wellbeing
Review: A review of novelty detection
Signal Processing
| Hi-index | 0.00 |
Collaborative information systems (CIS) are deployed within a diverse array of environments, ranging from the Internet to intelligence agencies to healthcare. It is increasingly the case that such systems are applied to manage sensitive information, making them targets for malicious insiders. While sophisticated security mechanisms have been developed to detect insider threats in various file systems, they are neither designed to model nor to monitor collaborative environments in which users function in dynamic teams with complex behavior. In this paper, we introduce a community-based anomaly detection system (CADS), an unsupervised learning framework to detect insider threats based on information recorded in the access logs of collaborative environments. CADS is based on the observation that typical users tend to form community structures, such that users with low affinity to such communities are indicative of anomalous and potentially illicit behavior. The model consists of two primary components: relational pattern extraction and anomaly detection. For relational pattern extraction, CADS infers community structures from CIS access logs, and subsequently derives communities, which serve as the CADS pattern core. CADS then uses a formal statistical model to measure the deviation of users from the inferred communities to predict which users are anomalies. To empirically evaluate the threat detection model, we perform an analysis with six months of access logs from a real electronic health record system in a large medical center, as well as a publicly available dataset for replication purposes. The results illustrate that CADS can distinguish simulated anomalous users in the context of real user behavior with a high degree of certainty and with significant performance gains in comparison to several competing anomaly detection models.