Keywords

unauthorized data access, insider threats, human-computer interaction, mouse cursor movements, HCI dynamics, deception detection

Abstract

Unauthorized Data Access (UDA) by an internal employee is a major threat to an organization. Regardless of whether the individuals engaged in UDA with malicious intent or not, real-time identification of UDA events and anomalous behaviors is extremely difficult. For example, various artificial intelligence methods for detecting insider threat UDA have become readily available; while useful, such methods rely on post hoc analysis of the past (e.g., unsupervised learning algorithms on access logs). This research-in-progress note reports on if the analysis of Human-Computer Interaction (HCI) behaviors, which have been empirically validated in various studies to reveal hidden cognitive state, can be utilized as a method to detect UDAs. To examine this, an experimental design was required that would grant the subjects an opportunity to engage in UDA events while tracking the HCI behaviors in an unobtrusive manner. Background, experimental design, study execution, preliminary results, and future research plans are presented.

Original Publication Citation

Byrd, M.D., Jenkins, J. L., Kim, D., Kumar, M., Schwartz, A. W., Valacich, J. S. Williams, P. A., Wright, R. T. (2019) “Understanding Unauthorized Access using Fine- Grained Human-Computer Interaction Data” Proceedings of the Eighteenth Annual Workshop on HCI Research in MIS, Munich, Germany, December 15.

Document Type

Conference Paper

Publication Date

2019

Publisher

Proceedings of the Eighteenth Annual Workshop on HCI Research in MIS

Language

English

College

Marriott School of Business

Department

Information Systems Management

University Standing at Time of Publication

Full Professor

Share

COinS