Toward a Deeper Understanding of Personnel Anomaly Detection

Author(s):  
Shuyuan Mary Ho

Recent threats to prominent organizations have greatly increased social awareness of the need for information security. Many measures have been designed and developed to guard against threats from outsider attacks. Technologies are commonly implemented to actively prohibit unauthorized connection and/or limit access to corporate internal resources; however, threats from insiders are even more subtle and complex. Personnel who are inherently trusted have valuable internal corporate knowledge that could impact profits or organizational integrity. They are often a source of potential threat within the corporation, through leaking or damaging confidential and sensitive information—whether intentionally or unintentionally. Identifying and detecting anomalous personnel behavior and potential threats are concomitantly important. It can be done by observation and evaluation of communicated intentions and behavioral outcomes of the employee over time. While human observations are subject to fallibility and systems statistics are subject to false positives, personnel anomaly detection correlates observations on the change of personnel trustworthiness to provide for both corporate security and individual privacy. In this paper, insider threats are identified as one of the significant problems to corporate security. Some insightful discussions of personnel anomaly detection are provided, from both a social and a systems perspective.

2021 ◽  
pp. 001440292110241
Author(s):  
Elizabeth Bettini ◽  
Tuan D. Nguyen ◽  
Allison F. Gilmour ◽  
Christopher Redding

Scholars have documented long-standing disparities in access to well-qualified, well-supported teachers, including disparities in access to special education teachers (SETs), based on student socioeconomic status. In response, policy initiatives have aimed to incentivize teaching in higher-poverty schools. Thus, we examined changes over time in disparities between SETs’ demands and resources (including internal resources, such as qualifications, and school-based resources, such as adequate materials), using multiple waves of the nationally representative Schools and Staffing Survey. We found that, by one metric, disparities in certification have closed since 2000. However, SETs in higher poverty schools are significantly more likely to work in self-contained settings than those in lower-poverty schools, and disparities in school-based resources continue to be significant, such that SETs in higher-poverty schools were significantly more likely to teach in self-contained classes, rated teacher cooperation significantly lower, and reported having significantly weaker access to material resources.


2017 ◽  
Vol 9 (1) ◽  
pp. 5-22
Author(s):  
Szymon Zacher ◽  
Przemysław Ryba

Abstract: In this paper we consider the problem of anomaly detection over time series metrics data taken from a corporate-grade mail service cluster. We propose an algorithm based on the one-sided median concept and present some results of experiments showing the impact of parameter settings on algorithm performance. In addition, we present a short description of the classes of anomalies discovered in the monitored system. The proposed one-sided median based algorithm shows great robustness and a good detection rate and can be considered as a possible simple production-ready solution.


2011 ◽  
pp. 133-148
Author(s):  
Patrick R. Mullen

The growth of the Internet and digital government has dramatically increased the Federal government’s ability to collect, analyze, and disclose personal information about many private aspects of citizens’ lives. Personal information once available only on paper to a limited number of people is now instantly retrievable anywhere in the world by anyone with a computer and an Internet connection. Over time, there has also been a declining level of trust by Americans in government, and currently, many perceive the government as a potential threat to their privacy. Given these forces at work in our society, one should not be surprised to read the results of surveys that show privacy as a top concern of citizens in the 21st century. If citizens do not believe that the government is adequately protecting the privacy of their individual information, they may be less willing to provide this information. Such reluctance could compromise the ability of government to collect important information necessary to develop, administer and evaluate the impact of various policies and programs. Privacy issues discussed in this chapter include challenges regarding (1) protecting personal privacy; (2) ensuring confidentiality of data collected; and (3) implementing appropriate security controls. Perspectives on privacy and stewardship responsibilities of agencies are also discussed.


Author(s):  
Stephen K. Aikins

The modern network and Internet security vulnerabilities expose state and local government networks to numerous threats such as denial of service (DoS) attacks, computer viruses, unauthorized access, confidentiality breaches, and so forth. For example, in June 2005, the state of Delaware saw a spike of 141,000 instances of “suspicious activity” due to a variant of the mytopb worm, which could have brought the state’s network to its knees had appropriate steps not been taken (Jarrett, 2005; National Association of State Chief Information Officers [NASCIO], 2006b). On an average day, the state of Michigan blocks 22,059 spam e-mails, 21,702 e-mail viruses, 4,239 Web defacements, and six remote computer takeover attempts. Delaware fends off nearly 3,000 attempts at entering the state’s network daily (NASCIO, 2006b). Governments have the obligation to manage their information security risks by securing mission-critical internal resources such as financial records and taxpayer sensitive information on their networks. Consequently, public-sector information security officers are faced with the challenge to contain damage from compromised systems, prevent internally and Internet-launched attacks, provide systems for logging and intrusion detection, and build frameworks for administrators to securely manage government networks (Oxlenhandler, 2003). This chapter discusses some of the cost-effective measures needed to address government agency information security vulnerabilities and related threats.


2020 ◽  
Vol 14 (01) ◽  
pp. 93-105
Author(s):  
James Obert ◽  
Adrian Chavez

In recent years, the use of security gateways (SG) located within the electrical grid distribution network has become pervasive. SGs in substations and renewable distributed energy resource aggregators (DERAs) protect power distribution control devices from cyber and cyber-physical attacks. When encrypted communications within a DER network are used, TCP/IP packet inspection is restricted to packet header behavioral analysis which in most cases only allows the SG to perform anomaly detection of blocks of time-series data (event windows). Packet header anomaly detection calculates the probability of the presence of a threat within an event window, but fails in such cases where the unreadable encrypted payload contains the attack content. The SG system log (syslog) is a time-series record of behavioral patterns of network users and processes accessing and transferring data through the SG network interfaces. Threatening behavioral patterns in the syslog are measurable using both anomaly detection and graph theory. In this paper, it will be shown that it is possible to efficiently detect the presence of and classify a potential threat within an SG syslog using light-weight anomaly detection and graph theory.


2006 ◽  
Vol 3 (1) ◽  
pp. 48
Author(s):  
I. W. Oliver ◽  
G. Merrington ◽  
M. J. McLaughlin

Environmental Context. Only a portion of the total amount of heavy metals present in sewage biosolids is accessible to organisms, including plants, and therefore only that portion presents any possible toxicity threat. However, metals such as copper, which are commonly associated to a large degree with the organic fraction, may become more accessible over time as organic components degrade. Determining the extent of partitioning of Cu between the organic and inorganic fractions may provide an indication of any long-term risks associated with utilisation of biosolids in agriculture. Abstract. Metal partitioning between organic and mineral fractions in biosolids may provide an indication of the long-term risks associated with land application of the material. For example, metals found to partition into the organic phase may pose a potential threat when the organic matter is decomposed, whereas metals bound in the mineral fraction would be expected to remain stable over time (given no changes in other environmental conditions) owing to the stability of mineral components. Therefore the question of which components bind copper in biosolids, and whether the sorption capacity is maintained over time, was addressed in the present study. Biosolids incubated for 21 months and non-incubated controls were examined. The solid–solution distribution coefficient (Kd) for Cu was measured in whole biosolids and in biosolid organic and mineral fractions via batch experiments employing the radioactive isotope 64Cu. The mineral fraction was isolated by NaOCl oxidation, whereas the organic fraction was isolated using HF. Results found the relative importance of mineral and organic fractions to Cu sorption varies between biosolids, and in some cases can vary over time. Reduction in sorption capacity caused by losses of organic matter in some biosolids suggests the possibility of increased availability of biosolid metals over time.


Author(s):  
Jasper A. J. Smits ◽  
Mark B. Powers ◽  
Michael W. Otto

Chapter 2 introduces a model of fears in terms of a network of learned associations among interconnected nodes. When these memories are cued, they can elicit expectancies for potential threat outcomes. Exposure therapy is used to alter these danger expectancies through new learning through confronting feared cues. This is an active learning process in which patients learn unconditional safety in response to their fear cues across diverse contexts. Over time, patients learn the difference between danger and fear (true vs. false alarms). To achieve this, it is important to (a) identify negative outcome expectancies to safe but feared cues (false alarms), (b) actively test these expectancies with exposure, (c) conduct postexposure processing of what was (was not) learned, and (d) rehearse this learning between sessions.

