MITIGATING INSIDER THREATS IN VIRTUAL ENVIRONMENTS WITH DECEPTION DETECTION
Loading...
Authors
Francona, Jamie
Subjects
Department of Defense
DOD
Naval Postgraduate School
NPS
Concealed Information Test
CIT
human-computer interaction
HCI
Myers-Briggs Type Indicator
MBTI
false positive
FP
false negative
FN
comma-separated values
CSV
DOD
Naval Postgraduate School
NPS
Concealed Information Test
CIT
human-computer interaction
HCI
Myers-Briggs Type Indicator
MBTI
false positive
FP
false negative
FN
comma-separated values
CSV
Advisors
Irvine, Cynthia E.
Monaco, John
Date of Issue
2021-06
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
Insider threats pose a severe risk to DOD networks and the missions they support. With trusted access, insiders can manipulate critical and sensitive cyber systems. These threats can be difficult to detect, given their trusted access. There is a need for early indications and warnings of deceptive activity so that the damage from these malicious actors can be stopped or limited as quickly as possible. Current deception detection capabilities include behavioral and physical biometrics, but these techniques do not address unencountered users. This study researches the merit of using human-computer interaction (HCI) features for a deception detection capability. With data collected in an online survey, machine learning is used to classify deceptive or potentially deceptive online behavior using keyboard and mouse movement. This study demonstrates the potential for utilizing (HCI) as an indicator for deception and offers the possibility of detecting deception in unencountered users. It expands the effectiveness of early insider threat detection by demonstrating the ability to classify concealed or deceptive user activity without the need for a user-specific model created from per-user historical data.
Type
Thesis
Description
Series/Report No
Department
Computer Science (CS)
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release. Distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.