Proactive Discovery of Insider Threats Using Graph Analysis and Learning
|Goal||Rapidly data mine large sets to discover anomalies|
Proactive Discovery of Insider Threats Using Graph Analysis and Learning or PRODIGAL is a computer system for predicting anomalous behavior amongst humans by data mining network traffic such as emails, text messages and log entries. It is part of DARPA's Anomaly Detection at Multiple Scales (ADAMS) project. The initial schedule is for two years and the budget $9 million.
It uses graph theory, machine learning, statistical anomaly detection, and high-performance computing to scan larger sets of data more quickly than in past systems. The amount of data analyzed is in the range of terabytes per day. The targets of the analysis are employees within the government or defense contracting organizations; specific examples of behavior the system is intended to detect include the actions of Nidal Malik Hasan and Wikileaks alleged source Chelsea Manning. Commercial applications may include finance. The results of the analysis, the five most serious threats per day, go to agents, analysts, and operators working in counterintelligence.
- Georgia Institute of Technology College of Computing
- Georgia Tech Research Institute
- Defense Advanced Research Projects Agency
- Army Research Office
- Science Applications International Corporation
- Oregon State University
- University of Massachusetts Amherst
- Carnegie Mellon University
- Cyber Insider Threat
- Einstein (US-CERT program)
- Threat (computer)
- Intrusion detection
- Echelon, Thinthread, Trailblazer, Turbulence (NSA programs)
- Fusion center, Investigative Data Warehouse (FBI)
- "Video Interview: DARPA's ADAMS Project Taps Big Data to Find the Breaking Bad". Inside HPC. 2011-11-29. Retrieved 2011-12-05.
- Brandon, John (2011-12-03). "Could the U.S. Government Start Reading Your Emails?". Fox News. Retrieved 2011-12-06.
- "Georgia Tech Helps to Develop System That Will Detect Insider Threats from Massive Data Sets". Georgia Institute of Technology. 2011-11-10. Retrieved 2011-12-06.
- Storm, Darlene (2011-12-06). "Sifting through petabytes: PRODIGAL monitoring for lone wolf insider threats". Computer World. Retrieved 2011-12-06.
|This software article is a stub. You can help Wikipedia by expanding it.|