Conferences

• IFIP International Symposium on Human Aspects of Information Security & Assurance (HAISA 2021); papers due April 26, 2021
• New Security Paradigms Workshop (NSPW 2021); papers due May 21, 2021

---

My Links

• My Home Page
• Books
• Classes
• Papers
• Reports and Notes
• Research
• Security in Programming
• Service
• Students
• Talks
• Miscellaneous
• My Family
• About Me (CV and such)

---

Other Links

• Cybersecurity Club
• Computer Security Lab
• Dept. of Computer Science
• College of Engineering
• University of California, Davis
• City of Davis
• County of Yolo
• State of California
• United States of America

---

Me

• This Quarter’s Classes
• Office Hours for This Quarter
• Contacting Me
• My Personal Blog
  (Last Entry September 4, 2020; “Don’t Vote Twice”)

---

Current Time in Davis, CA, USA

Information Behaving Badly

Citation

J. Ard, M. Bishop, C. Gates, and M. Sun, “Information Behaving Badly,” Proceedings of the 2013 New Security Paradigms Workshop pp. 107–118 (Sep. 2013).

Paper

• Published version web page, free at ACM Digital Library []
• Published version web page, paper paywalled at ACM Digital Library: [DOI] [URL]
• Authors’ final version:
  • Local: [PDF] [PS]
  • UC Repository: [eScholarship]

Abstract

Traditionally, insider threat detection has focused on observing human actors — or, more precisely, computer accounts and processes acting on behalf of those actors — to model their “normal” behavior, then determine if they have performed some anomalous action and, further, if that action is malicious. In this paper, we shift the paradigm from observing human behavior to observing information behavior by modeling how documents flow through an organization. We hypothesize that similar types of documents will exhibit similar workflows, and that a document deviating from its expected workflow indicates potential data leakage.

Bibliographic Information: [BibTeX] [EndNote] [RIS]
DOI: 10.1145/2535813.2535825

---

Last updated on Thursday, April 15, 2021 11:20:55 PM PDT