Proactive Discovery of Insider Threats Using Graph Analysis and Learning

Proactive Discovery of Insider Threats Using Graph Analysis and Learning or PRODIGAL is a computer system for predicting anomalous behavior amongst humans by data mining network traffic such as emails, text messages and log entries. It is part of DARPA's Anomaly Detection at Multiple Scales (ADAMS) project. The initial schedule is for two years and the budget $9 million.

It uses graph theory, machine learning, statistical anomaly detection, and high-performance computing to scan larger sets of data more quickly than in past systems. The amount of data analyzed is in the range of terabytes per day. The targets of the analysis are employees within the government or defense contracting organizations; specific examples of behavior the system is intended to detect include the actions of Nidal Malik Hasan and Wikileaks alleged source Bradley Manning. Commercial applications may include finance. The results of the analysis, the five most serious threats per day, go to agents, analysts, and operators working in counterintelligence.

Primary participants

 * Georgia Institute of Technology College of Computing
 * Georgia Tech Research Institute
 * Defense Advanced Research Projects Agency
 * Army Research Office
 * Science Applications International Corporation
 * Oregon State University
 * University of Massachusetts Amherst
 * Carnegie Mellon University