Campus Units
Electrical and Computer Engineering, Computer Science
Document Type
Article
Publication Version
Accepted Manuscript
Publication Date
6-2017
Journal or Book Title
IEEE Systems Journal
Volume
11
Issue
2
First Page
471
Last Page
482
DOI
10.1109/JSYST.2016.2558507
Abstract
We present a scalable system for high-throughput real-time analysis of heterogeneous data streams. Our architecture enables incremental development of models for predictive analytics and anomaly detection as data arrives into the system. In contrast with batch data-processing systems, such as Hadoop, that can have high latency, our architecture allows for ingest and analysis of data on the fly, thereby detecting and responding to anomalous behavior in near real time. This timeliness is important for applications such as insider threat, financial fraud, and network intrusions. We demonstrate an application of this system to the problem of detecting insider threats, namely, the misuse of an organization's resources by users of the system, and present results of our experiments on a publicly available insider threat dataset.
Rights
Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Copyright Owner
IEEE
Copyright Date
2017
Language
en
File Format
application/pdf
Recommended Citation
Northrop Grumman Corporation; Northrop Grumman Corporation; Tirthapura, Srikanta; Chung, Yung-Yu; and Northrop Grumman Corporation, "Detecting Insider Threats Using RADISH: A System for Real-Time Anomaly Detection in Heterogeneous Data Streams" (2017). Electrical and Computer Engineering Publications. 172.
https://lib.dr.iastate.edu/ece_pubs/172
Comments
This is a manuscript of an article published as Böse, Brock, Bhargav Avasarala, Srikanta Tirthapura, Yung-Yu Chung, and Donald Steiner. "Detecting insider threats using radish: a system for real-time anomaly detection in heterogeneous data streams." IEEE Systems Journal 11, no. 2 (2017): 471-482. DOI: 10.1109/JSYST.2016.2558507. Posted with permission.