JoWUA

Abstract

This issue is composed of four papers, which provide innovative research results related to the fields of insider threats and mobile software security. Especially, the first three papers are the fully extended versions, whose preliminary one was originally presented at the 7th ACM CCS International Workshop on Managing Insider Security Threats (MIST’15)1.  In the first article “Ben-ware: Identifying Anomalous Human Behavior in Heterogeneous Systems Using Beneficial Intelligent Software” [1], the authors introduce the concept of “Ben-ware”, which is a beneficial software system that makes use of low-level data collection from employees’ computers to detect anomalous behavior of an employee. In order to minimize the risk of false positives, this work attempts to utilize human factors, artificial intelligence, and risk analysis through an interdisciplinary collaboration involving computer scientists, a criminologist and behavioral analysis experts. It is demonstrated that Ben-ware enables to detect potentially malicious acts as well as has low impact on the resources of the organization.  In the second article “Supervised and Unsupervised methods to detect Insider Threat from Enterprise Social and Online Activity Data” [2], the authors aim to detect insider threats by analyzing enterprise social and online activity data of employees. For such an aim, two approaches are studied: the unsupervised and supervised approaches. Especially, these approaches are tested with a real world data set with artificially injected insider threat events. The test results show that the proposed approaches are effective in identifying insider threat events.