Insider computer fraud detection in applications: A defense in depth framework involving software engineering and novelty neural networks

Kenneth Charles Brancik, Pace University

Abstract

The software development methodologies and products being manufactured exclude any substantive INFOSEC requirements or guidelines as part of a risk assessment design process. Increasing software functionality over security controls has elevated the level of risk in the software development process at the expense of designing and developing secure software applications. Furthermore, current software development methodologies do not adequately identify and report on anomalistic user behavior, which may originate from the insider threat. ^ The research conducted from this dissertation topic will establish a risk-based framework to identify insider misuse through computer fraud. This dissertation will design a security solution to mitigate the risks associated with the insider threat, involving computer fraud, based on the completion of a taxonomy of computer fraud, development of fraud and information security Patterns and training of a neural network to detect unusual user activity. Based on the aforementioned analysis, computer forensic journaling will be identified for incorporation within the systems or applications software development lifecycle as an early warning system of aberrant insider behavior. ^

Subject Area

Computer Science

Recommended Citation

Kenneth Charles Brancik, "Insider computer fraud detection in applications: A defense in depth framework involving software engineering and novelty neural networks" (January 1, 2005). ETD Collection for Pace University. Paper AAI3172517.
http://digitalcommons.pace.edu/dissertations/AAI3172517

Share

COinS

Remote User: Click Here to Login (must have Pace University remote login ID and password. Once logged in, click on the View More link above)