Insider threats pose a growing risk to businesses, institutions, and governmental organisations. A recent survey suggests the global cost of insider threats rose by 31% to $11.45M between 2018 and 2020, a 47% increase in frequency [i].
A key issue within insider threat detection is the ability to discern malicious or risky behaviours from a normal working pattern. In the first instance the project will look to understand the current state of the art to define the key indicators and metrics for detecting insider activity. A significant question within insider threat monitoring is the ability to understand who was responsible for any potential incidents. This project will look to leverage behavioural biometrics [ii] to develop a ‘behavioural fingerprint’ for an individual, which will combine a range of biometric traits (e.g. keystroke and mouse dynamics, swipe patterns, etc.). This will require a review of available traits and characteristics, how they can be captured and used to for user identification. The project will make use of a range of behavioural biometrics to not only identify a user but also additional characteristics about an individual, which could be used for further confidence in their identity. For example, this could include demographic information (e.g. age) or more specific data (e.g. name).
This project will make use of machine learning, data analytics, software development and user-centric design (or co-design) to develop proof-of-concepts.