Generating Test Data for Insider Threat Detectors

Brian Lindauer¹⁺, Joshua Glasser², Mitch Rosen², and Kurt Wallnau¹

Abstract

The threat of malicious insider activity continues to be of paramount concern in both the public and private sectors. Though there is great interest in advancing the state of the art in predicting and stopping these threats, the difficulty of obtaining suitable data for research, development, and testing remains a significant hindrance. We outline the use of a synthetic data generator to enable research progress, while discussing the benefits and limitations of synthetic insider threat data, the meaning of realism in this context, comparisons to a hybrid real/synthetic data approach, and future research directions.

Keywords: insider threat, synthetic data, modeling and simulation

⁺ Corresponding author: Brian Lindauer, Software Engineering Institute, 4500 Fifth Avenue, Pittsburgh, PA 15213, USA

Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Vol. 5, No. 2, pp. 80-94, June 2014