Scribd
Upload
124 views2 pages

Insider Threat Detection with PRODIGAL

PRODIGAL is a computer system developed by DARPA to analyze large amounts of network data like emails and server logs to rapidly discover insider threats. It uses graph theory, machine learning and other techniques to scan terabytes of data daily and identify the top five serious threats. The goal is to detect anomalous behavior like those who carried out data leaks, with applications to counterintelligence and commercial sectors like finance.

Uploaded by

mattew657
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
124 views2 pages

Insider Threat Detection with PRODIGAL

PRODIGAL is a computer system developed by DARPA to analyze large amounts of network data like emails and server logs to rapidly discover insider threats. It uses graph theory, machine learning and other techniques to scan terabytes of data daily and identify the top five serious threats. The goal is to detect anomalous behavior like those who carried out data leaks, with applications to counterintelligence and commercial sectors like finance.

Uploaded by

mattew657
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

PRODIGAL (computer system)

PRODIGAL (proactive discovery of insider threats using


graph analysis and learning) is a computer system for predicting Proactive discovery of
anomalous behavior among humans, by data mining network insider threats using graph
traffic such as emails, text messages and server log entries.[1] It is analysis and learning
part of DARPA's Anomaly Detection at Multiple Scales Establishment 2011
(ADAMS) project.[2] The initial schedule is for two years and the Sponsor DARPA
budget $9 million.[3]
Value $9 million
It uses graph theory, machine learning, statistical anomaly Goal Rapidly data mine
detection, and high-performance computing to scan larger sets of large sets to
data more quickly than in past systems. The amount of data
discover
analyzed is in the range of terabytes per day.[3] The targets of the
anomalies
analysis are employees within the government or defense
contracting organizations; specific examples of behavior the
system is intended to detect include the actions of Nidal Malik Hasan and WikiLeaks source Chelsea
Manning.[1] Commercial applications may include finance.[1] The results of the analysis, the five most
serious threats per day, go to agents, analysts, and operators working in counterintelligence.[1][3][4]

Primary participants
Georgia Institute of Technology College of Computing
Georgia Tech Research Institute
Defense Advanced Research Projects Agency
Army Research Office
Science Applications International Corporation
Oregon State University
University of Massachusetts Amherst
Carnegie Mellon University

See also
Cyber Insider Threat
Einstein (US-CERT program)
Threat (computer)
Intrusion detection
ECHELON, Thinthread, Trailblazer, Turbulence (NSA programs)
Fusion center, Investigative Data Warehouse (FBI)

References
1. "Video Interview: DARPA's ADAMS Project Taps Big Data to Find the Breaking Bad" ([Link]
[Link]/2011/11/29/video-interview-darpas-adams-project-taps-big-data-to-find-the-br
eaking-bad/). Inside HPC. November 29, 2011. Retrieved December 5, 2011.
2. Brandon, John (December 3, 2011). "Could the U.S. Government Start Reading Your
Emails?" ([Link]
ur-emails/). Fox News. Retrieved December 6, 2011.
3. "Georgia Tech Helps to Develop System That Will Detect Insider Threats from Massive Data
Sets" ([Link] Georgia Institute of
Technology. November 10, 2011. Retrieved December 6, 2011.
4. Storm, Darlene (December 6, 2011). "Sifting through petabytes: PRODIGAL monitoring for
lone wolf insider threats" ([Link]
[Link]/19382/sifting_through_petabytes_prodigal_monitoring_for_lone_wolf_insider_t
hreats). Computer World. Archived from the original ([Link]
ifting_through_petabytes_prodigal_monitoring_for_lone_wolf_insider_threats) on January
12, 2012. Retrieved December 6, 2011.

Retrieved from "[Link]

You might also like