Proactive discovery of insider threats using graph analysis and learning | |
Label2: | Establishment |
Data2: | 2011 |
Label3: | Sponsor |
Data3: | DARPA |
Label4: | Value |
Data4: | $9 million |
Label5: | Goal |
Data5: | Rapidly data mine large sets to discover anomalies |
Label5: | Primary contractor |
Data5: | Georgia Tech Research Institute |
Label6: | Other contractors |
Data6: | ???--> |
PRODIGAL (proactive discovery of insider threats using graph analysis and learning) is a computer system for predicting anomalous behavior among humans, by data mining network traffic such as emails, text messages and server log entries.[1] It is part of DARPA's Anomaly Detection at Multiple Scales (ADAMS) project.[2] The initial schedule is for two years and the budget $9 million.[3]
It uses graph theory, machine learning, statistical anomaly detection, and high-performance computing to scan larger sets of data more quickly than in past systems. The amount of data analyzed is in the range of terabytes per day. The targets of the analysis are employees within the government or defense contracting organizations; specific examples of behavior the system is intended to detect include the actions of Nidal Malik Hasan and WikiLeaks source Chelsea Manning. Commercial applications may include finance. The results of the analysis, the five most serious threats per day, go to agents, analysts, and operators working in counterintelligence.[4]