Costa, Paulo C. G.Laskey, Kathryn B.AlGhamdi, GhaziBarbará, DanielShackelford, ThomasMirza, SepidehRevankar, Mehul2006-01-272006-01-272005-05Costa, Paulo C. G.; Laskey, Kathryn B.; Alghamdi, G.; Barbará, Daniel; Shackelford, Thomas; Mirza, Sepideh; and Revankar, Mehul (2005). DTB Project: A Behavioral Model for Detecting Insider Threats. 2005 International Conference on Intelligence Analysis. May 2-6, McLean, Virginia, USA.03https://analysis.mitre.org/proceedings/Final_Papers_Files/260_Camera_Ready_Paper.pdfhttps://hdl.handle.net/1920/452Full paper versionThis paper describes the Detection of Threat Behavior (DTB) project, a joint effort being conducted by George Mason University (GMU) and Information Extraction and Transport, Inc. (IET). DTB uses novel approaches for detecting insiders in tightly controlled computing environments. Innovations include a distributed system of dynamically generated document-centric intelligent agents for document control, object oriented hybrid logic-based and probabilistic modeling to characterize and detect illicit insider behaviors, and automated data collection and data mining of the operational environment to continually learn and update the underlying statistical and probabilistic nature of characteristic behaviors. To evaluate the DTB concept, we are conducting a human subjects experiment, which we will also include in our discussion.531502 bytesapplication/pdfen-USMulti-entity Bayesian networks (MEBN)Threat analysisProbabilisticBayesianIntrusion detectionCounter intelligenceDocument relevanceData miningNovel methodsMulti-entity Bayesian networksBehaviorAll sourceArticle