Insider computer fraud detection in applications: A defense in depth framework involving software engineering and novelty neural networks
The software development methodologies and products being manufactured exclude any substantive INFOSEC requirements or guidelines as part of a risk assessment design process. Increasing software functionality over security controls has elevated the level of risk in the software development process at the expense of designing and developing secure software applications. Furthermore, current software development methodologies do not adequately identify and report on anomalistic user behavior, which may originate from the insider threat. ^ The research conducted from this dissertation topic will establish a risk-based framework to identify insider misuse through computer fraud. This dissertation will design a security solution to mitigate the risks associated with the insider threat, involving computer fraud, based on the completion of a taxonomy of computer fraud, development of fraud and information security Patterns and training of a neural network to detect unusual user activity. Based on the aforementioned analysis, computer forensic journaling will be identified for incorporation within the systems or applications software development lifecycle as an early warning system of aberrant insider behavior. ^
Kenneth Charles Brancik,
"Insider computer fraud detection in applications: A defense in depth framework involving software engineering and novelty neural networks"
(January 1, 2005).
ETD Collection for Pace University.