In the wake of Edward Snowden, and the growing risk of insider threats to informational security IT companies that service the public sector have been working to find solutions. Today, MITRE announced that is is licensing ELICIT a new system for monitoring insider threats to Insider Spyder, Inc., a Virginia-based company that provides cybersecurity software.
ELICIT analyzes network traffic including browsing, searching, downloading and printing history, and combines it with contextual details on how the user interacts with and uses information. ELICIT then analyzes the combined data to identify suspicious behavior and sends an alert to a Bayesian Belief Network, a graphical model that represents probabilistic relationships among random variables, to weigh the evidence and create a threat score. MITRE researchers found they can differentiate a malicious information user from a benign information user by aggregating and putting their behavior into context.
As a not-for-profit operator of federally funded research and development centers (FFRDCs), MITRE broadly shares its innovations. MITRE’s Technology Transfer Office works closely with the organization’s engineers, scientists and the MITRE Research Program to facilitate collaboration among researchers, academic institutions and federal laboratories interested in developing its innovations.
Insider Spyder is using the technology to build a platform for insider threat protection. Insider threats can include copying sensitive information, removing it entirely from work, or offering entry to competitors or malicious outside users.
“Technology commercialization is a priority for MITRE; it improves the affordability, efficiency and effectiveness of our sponsors’ mission capabilities,” said Barry Costa, director of MITRE’s Technology Transfer Office.