Sentiment-Based Behavior Analytics

Presentation
Hafiz Farooq of Saudi Aramco presented this session at FloCon 2024.
Publisher

Software Engineering Institute

Abstract

Insider threats have always been a challenging part of the threat spectrum for large enterprises, since they can cause heavy financial and operational damage. They are also difficult for any SOC to detect, because these attacks use authorized means to launch attack vectors against the enterprise. Traditional machine learning detections are prone to failure against such non-anomalous and covert attack patterns, due to the high dimensionality of features and the lack of difference in behavior between malicious and normal enterprise users.

Natural Language Processing (NLP), however, can address this issue and help differentiate between malicious and normal patterns using Sentiment Analysis (SA) of user activity datasets. Despite noisy operational activities, Sentiment Analysis can still discover divergent activities and help in the timely detection of attackers in the initial phase of their cyber-attacks. Hence, we ran Sentiment Analysis algorithms on enterprise security big data and formulated an optimal framework, which we called Sentiment Behavior Analytics (SBA). In this presentation, we will present the detailed architecture of our SBA framework and explain its different features.

Attendees Will Learn

Attendees will learn how they can leverage NLP algorithms to detect suspicious, malicious, and disgruntled insiders.