Skip to main content
SpringerLink
Log in

Attribution-based Anomaly Detection: Trustworthiness in an Online Community

  • Conference paper
Social Computing, Behavioral Modeling, and Prediction

Abstract

This paper conceptualizes human trustworthiness1 as a key component for countering insider threats in an online community within the arena of corporate personnel security. Employees with access and authority have the most potential to cause damage to that information, to organizational reputation, or to the operational stability of the organization. The basic mechanisms of detecting changes in the trustworthiness of an individual who holds a key position in an organization resides in the observations of overt behavior – including communications behavior – over time. “Trustworthiness” is defined as the degree of correspondence between communicated intentions and behavioral outcomes that are observed over time [27], [25]. This is the degree to which the correspondence between the target’s words and actions remain reliable, ethical and consistent, and any fluctuation does not exceed observer’s expectations over time [10]. To be able to tell if the employee is trustworthy is thus determined by the subjective perceptions from individuals in his/her social network that have direct business functional connections, and thus the opportunity to repeatedly observe the correspondence between communications and behavior. The ability to correlate data-centric attributions, as observed changes in behavior from human perceptions; as analogous to “sensors” on the network, is the key to countering insider threats.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. BBC News Online. (2002). “Enron Scandal at a glance,” [BBC News Online]. Obtained on August 22, 2006 from http://news.bbc.co.uk/1/hi/business/1780075.stm.

    Google Scholar 

  2. Benkoil, D. (1998, October) “An Unrepentant Spy: Jonathan Pollard Serving a Life Sentence,” [ABCNEWS.com], October 25, 1998.

    Google Scholar 

  3. C4ISR Joint Chiefs of Staff (2000). Information Assurance Through Defense In Depth. Washington D. C., February 2000.

    Google Scholar 

  4. Carr, J. (2007). Former Boeing Employee charged in data theft. SC Magazine. Released on July 12, 2007. Obtained from http://www.scmagazine.com/us/news/article/670671/ex-boeingemployee- charged-data-theft.

    Google Scholar 

  5. Cohen, L.E. and Felson, M. (1979). Social Change and Crime Rate Trends: A Routine Activity Approach. American Sociological Review, 44(4), (Aug., 1979), 588-608.

    Article  Google Scholar 

  6. Durkheim, E. (1897). Suicide: A Study in Sociology. Trans. John A. Spaulding and George Simpson. New York: The Free Press, 1951.

    Google Scholar 

  7. FBI National Press Office. (2001). Federal Beaureu of Investigation Story: Robert Philip Hanssen Espionage Case. Released on Feb 20, 2001. Obtained from http://www.fbi.gov/libref/historic/famcases/hanssen/hanssen.htm.

    Google Scholar 

  8. Felson, M. (1987). Routine Activities and Crime Prevention in the Developing-Metropolis. Criminology, 25(4), (Nov. 1987), 911.

    Article  Google Scholar 

  9. Felson, M. and Cohen, L.E. (1980). Human Ecology and Crime: A Routine Activity Approach. Human Ecology, 8(4), (Dec. 1980), 389-406.

    Article  Google Scholar 

  10. Hardin, R. (1996). Trustworthiness. Ethics, Vol. 107, No. 1. (Oct., 1996), pp. 26-42.

    Article  Google Scholar 

  11. Hardin, R. (2003). Gaming trust. In E. Ostrom & J. Walker (Eds.), Trust and reciprocity: Interdisciplinary lessons from experimental research(pp. 80-101). New York: Russell Sage Foundation.

    Google Scholar 

  12. Haydon, M.V. (1999). “The Insider Threat to U.S. Government Information Systems”, National Security Telecommunications and Information Systems Security Committee (NSTISSAM) INFOSEC 1-99, July 1999. http://www.nstissc.gov/Assets/pdf/NSTISSAM_INFOSEC1-99.pdf.

    Google Scholar 

  13. Heider, F. (1944). Social perception and phenomenal causality. Psychological Review, 51, 358- 374.

    Article  Google Scholar 

  14. Heider, F. (1958). The psychology of interpersonal relations. New York: John Wiley & Sons.

    Google Scholar 

  15. Hirschi, T. (1969). Causes of Delinquency. Beverly Hills, CA: University of California Press.

    Google Scholar 

  16. Hirschi, T. & Gottfredson, M.R. (1986). The Distinction Between Crime and Criminality. In Critique and Explanation: Essays in Honor of Gwynne Nettler, edited by T. Hartnagel & R. Silverman (pp. 44-69). NJ: Transaction.

    Google Scholar 

  17. Ho, S.M. (2008). Towards a Deeper Understanding of Personnel Anomaly Detection. Encyclopedia of Cyber Warfare and Cyber Terrorism, 2008 IGI Global Publications, Hershey, PA.

    Google Scholar 

  18. Keeney, M., Kowalski, E., Cappelli, D., Moore, A., Shimeall, T., and Rogers, S. (2005). “Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors.” National Threat Assessment Center, U.S. Secret Service, and CERTtextregistered Coordination Center/Software Engineering Institute, Carnegie Mellon, May 2005, pp.21-34. Obtained from http://www.cert.org/archive/pdf/insidercross051105.pdf on April 10, 2007.

    Google Scholar 

  19. Kelley, H.H. (1973). The Process of Causal Attribution, American Psychologist, Feb 1973, 107-Obtained from http://faculty.babson.edu/krollag/org_site/soc_psych/kelly_attrib.html on July 5th, 2007.

    Google Scholar 

  20. Lamar, Jr. J.V. (1986). Two Not-So-Perfect Spies; Ronald Pelton is Convicted of Espionage as Jonathan Pollard Pleads Guilty. Time, 16 June 1986.

    Google Scholar 

  21. Mitnick, K.D. and Simon, W.L. (2002). The Art of Deception: Controlling the Human Element of Security. Indianapolis, Indiana: Wiley. 139

    Google Scholar 

  22. O’Connor, T. (2007). An Outline of Strain Theory; adapted from, T. O’Connor, Varieties of Strain Theory. Retrieved on January 05, 2007 from http://www.homestead.com/rouncefield/files/a_soc_dev_19.htm.

    Google Scholar 

  23. Park, J.S. and Ho, S.M. (2004). Composite Role-based Monitoring (CRBM) for Countering Insider Threats. Proceedings of Second Symposium on Intelligence and Security Informatics(ISI), Tucson, Arizona, June 2004.

    Google Scholar 

  24. Power, R. (2002). CSI/FBI Computer Crime and Security Survey. Computer Security Issues & Trends, 2002.

    Google Scholar 

  25. Rotter, J.B. (1967). A new scale for the measurement of interpersonal trust. Journal of Personality, 35 (4), 651–665.

    Article  Google Scholar 

  26. Rotter, J.B. and Stein, D.K. (1971). Public Attitudes Toward the Trustworthiness, Competence, and Altruism of Twenty Selected Occupations. Journal of Applied Social Psychology, Dec 1971, 1(4), 334–343.

    Article  Google Scholar 

  27. Rotter, J.B. (1980). Interpersonal Trust, Trustworthiness, and Gullibility. American Psychologist, Jan 1980, 35(1), 1–7.

    Article  MathSciNet  Google Scholar 

  28. Sykes, G.M. and Matza, D. (1957). Techniques of Neutralization: A Theory of Delinquency. American Sociological Review, 22(6), (Dec., 1957), 664-670.

    Article  Google Scholar 

  29. Tittle, C.R. (2004). Refining Control Balance Theory. Theoretical Criminology, 8(4), November, 2004, 395-428.

    Article  Google Scholar 

  30. Weiner, B. (2006). Social Motivation, Justice, and the Moral Emotions: An Attributional Approach. Lawrence Erlbaum Associates, inc., Mahwah, New Jersey.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Information Studies, Syracuse University, Syracuse, New York, USA

    Shuyuan Mary Ho

Authors
  1. Shuyuan Mary Ho
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Ira A. Fulton School of Engineering, Arizona State University, Brickyard Suite 501, 699 South Mill Avenue, Box 878809, Tempe, AZ85287-8809, U.S.A.

    Huan Liu

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer Science+Business Media, LLC

About this paper

Cite this paper

Ho, S.M. (2008). Attribution-based Anomaly Detection: Trustworthiness in an Online Community. In: Liu, H., Salerno, J.J., Young, M.J. (eds) Social Computing, Behavioral Modeling, and Prediction. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-77672-9_15

Download citation

  • DOI: https://doi.org/10.1007/978-0-387-77672-9_15

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-77671-2

  • Online ISBN: 978-0-387-77672-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation