Project Title: Cybersecurity Data Engineering for Insider Threat Detection

Morton Analytics LLC

Details
Project Topics: Data Management; Reporting, Financial Planning & Analysis; Research & Development; Software Design & Development
Project Synopsis: Challenge/Opportunity
Internal threats to IT systems pose significant risks and financial costs to businesses and governments. Unlike external attacks, detecting internal threats remains a challenge as IT logs are rarely shared between organizations. This project aims to leverage synthetic IT log data and an insider threat answer key to develop a data model that can predict insider threats. By doing so, Morton Analytics seeks to innovate towards a commercial insider threat detection service. This project will focus on converting log data into a structured format suitable for statistical and machine learning models, ultimately creating a robust solution for identifying potential insider threats.
Project Synopsis: Activities/Actions Required
  • Download and unzip the synthetic data set from the provided link.
  • Convert log data into a table with one row per user session and each column representing a variable.
  • Engineer new features/variables from the log data relevant to insider threat detection.
  • Fit a statistical/machine learning model to predict insider threats using the engineered variables.
  • Present summary statistics and findings through data visualization tools.
  • Test the developed model on an unseen data set to validate its performance.
  • Document the data processing and model development pipeline for reproducibility.
  • Develop recommendations for further improvement and potential commercialization of the insider threat detection service.
Project Synopsis: Expected Results
  • Number of variables engineered from the log data.
  • Processing time per 100K rows of log data.
  • Accuracy and performance metrics of the predictive model on the validation data set.
  • Ability to reproduce the developed method on a second, unseen data set.
  • Positive feedback from internal stakeholders on the utility and usability of the data model and visualizations.

Program Managers

Name: Shawn Clouse
Organization: University of Montana
