A. A. Grusho, M. I. Zabezhailo, D. V. Smirnov, E. E. Timonina, S. Ya. Shorgin, “Mathematical statistics in the task of identifying hostile insiders”, Inform. Primen., 2020, Volume 14, Issue 3,Pages <nobr>71

This article is cited in 1 paper

Mathematical statistics in the task of identifying hostile insiders

A. A. Grusho^a, M. I. Zabezhailo^b, D. V. Smirnov^c, E. E. Timonina^a, S. Ya. Shorgin^a

^a Institute of Informatics Problems, Federal Research Center “Computer Sciences and Control” of the Russian Academy of Sciences, 44-2 Vavilov Str., Moscow 119133, Russian Federation
^b A. A. Dorodnicyn Computing Center, Federal Research Center “Computer Science and Control” of the Russian Academy of Sciences, 40 Vavilov Str., Moscow 119333, Russian Federation
^c Sberbank of Russia, 19 Vavilov Str., Moscow 117999, Russian Federation

Abstract: The paper explores approaches to identifying hostile insiders of the organization using collusion. The problem of identifying the organized group of information security violators is one of the most complex tasks of ensuring the security of organization. The set of source data for analysis consists of many small samples describing the functionality of the organization's information technologies. This set can be considered as big data. The clustering method is used to reduce the amount of source data that made it possible to use mathematical statistics efficiently, i. e., to identify small samples carrying information about hostile insiders. The difficulty of the task was to lose as little as possible the needed small samples. The conditions have been found where in the series scheme, the probability of identifying insiders using collusion tends to 1.

Keywords: identification of the organized group of hostile insiders, small samples, big data, mathematical statistics.

Received: 02.06.2020

DOI: 10.14357/19922264200310