ABSTRACT

This chapter discusses how data mining technologies can be applied to insider threat detection in the cloud. It explores how semantic web technologies may be used to represent the communication between insiders. The chapter also discusses approaches to insider threat detection and provides an overview of the authors' framework for insider threat detection, which also incorporates some other techniques. One traditional approach to the insider threat detection problem is supervised learning, which builds data classification models from training data. Resource Description Framework (RDF) is the data format for the semantic web and is well suited to representing graph data. In the RDF triple representation, this will simply be represented as a unique predicate. Triples consist of three parts: subject, predicate, and object. In RDF, almost everything is a resource, hence the name of the format. For querying, we can utilize Hive, which provides a Structured Query Language-like query language, and SPARQL Protocol and RDF Query Language (SPARQL), the query language for RDF data.