Creating a Digital Twin of an Insider Threat Detection Enterprise Using Model-Based Systems Engineering

Simple item page
dc.contributor.authorLee, James
dc.contributor.authorAlghamdi, Ahmad
dc.contributor.authorZaidi, Abbas K.
dc.date.accessioned2023-04-17T12:04:12Z
dc.date.available2023-04-17T12:04:12Z
dc.date.issued2022-04
dc.description.abstractInference Enterprise Modeling (IEM) is a methodology developed to address test and evaluation limitations that insider threat detection enterprises face due to a lack of ground truth and/or missing data. IEM uses a collection of statistical, data processing, analysis, and machine learning techniques to estimate and forecast the performance of these enterprises. As part of developing the IEM method, models satisfying various detection system evaluation requirements were created. In this work, we extend IEM as a digital twin generation technique by representing modeled processes as executable UML Activity Diagrams and tracing solution processes to problem requirements using ontologies. Using the proposed framework, we can rapidly prototype a digital twin of a detection system that can also be imported and executed in systems engineering simulation software tools such as Cameo Enterprise Architecture Simulation Toolkit. Cyber security and threat detection is a continuous process that requires regular maintenance and testing throughout its lifecycle, but there often exists access issues for sensitive and private data and proprietary detection model details to perform adequate test and evaluation activities in the live production environment. To solve this issue, organizations can use a digital twin technique to create a real-time virtual counterpart of the physical system. We describe a method for creating digital twins of live and/or hypothetical insider threat detection enterprises for the purpose of performing test and evaluation activities on continuous monitoring systems that are sensitive to disruptions. In this work, we use UML Activity Diagrams to leverage the integrated simulation capabilities of Model-Based Systems Engineering (MBSE).
dc.description.sponsorshipThe research reported here was supported under IARPA contract 2016 16031400006. The content is solely the responsibility of the authors and does not necessarily represent the official views of the U.S. Government.
dc.identifier.citationJ. Lee, A. Alghamdi, and A. K. Zaidi, “Creating a Digital Twin of an Insider Threat Detection Enterprise Using Model-Based Systems Engineering,” in 2022 IEEE International Systems Conference (SysCon), Montreal, QC, Canada, Apr. 2022, pp. 1–7. DOI: 10.1109/SysCon53536.2022.9773890.
dc.identifier.urihttps://hdl.handle.net/1920/13278
dc.language.isoen_US
dc.publisher2022 IEEE International Systems Conference (SysCon)
dc.rightsCopyright 2022 IEEE
dc.subjectDigital Twin
dc.subjectMBSE
dc.subjectInsider Threat
dc.subjectSystem Engineering
dc.titleCreating a Digital Twin of an Insider Threat Detection Enterprise Using Model-Based Systems Engineering
dc.typeArticle

Files

Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
Syscon2022_-__grammerly_and_zotera_and_new_IEEE_formating.pdf
Size:
652.22 KB
Format:
Adobe Portable Document Format
Description:
Article
Download
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
2.52 KB
Format:
Item-specific license agreed upon to submission
Description:
Download

Collections

Volgenau School of Engineering Graduate Research