Data-mining detects the disaffected

Here's another reason to get off that antisocial kick and get with the networking.

The Air Force is developing a data-mining technology meant to root out disaffected insiders based on their e-mail activity--or lack thereof, according to an article in this month's International Journal of Security and Networks.

The technology, based on something called Probabilistic Latent Semantic Indexing (PDF), scours an organization's e-mail traffic and constructs a graph of social network interactions illustrating employee activity. If a worker suddenly stops socializing online, abruptly shifts alliances within the organization, or starts developing an unhealthy interest in "sensitive topics," the system detects it and alerts investigators.

Most corporate security efforts focus on electronic threats from the outside, even through insiders with access to sensitive information can pose a greater threat to an organization, according to researchers at the Air Force Institute of Technology at Wright Patterson Air Force Base in Ohio. Alienated individuals who display a secret interest in suspicious topics but never let on by communicating with others are the most likely to be an insider threat, the researchers say. The program could prevent security breaches, sabotage, and even terrorist activity at multinational corporations and military organizations alike, according to the article.

And don't think that just because you're the boss you're off the hook. The team tested Enron's e-mail archive and uncovered several individuals who represented potential insider threats. Granted, none of them were the bosses who had done all the damage, but the researchers were confident that with full access and by turning a "domain on its ear" the software would ferret out potential malefactors and whistleblowers alike.