Social Network Analysis has risen as one of the most interesting fields to explore. The popularity of networks like Facebook and Twitter made companies aware of the potential to explore the huge amounts of data shared among users. It is estimated that only inside the two giant social networks alone, Facebook with 483 million users and Twitter with 75 million users worldwide, more than 1 billion* pieces of content are daily shared among its members**. While the first step for companies is to reach those millions of users joining actively the social networks, a move forward arrives soon when the need to effectively analyze the results of their efforts, and minimize them pointing to the correct target, becomes a must.
* 140 M of tweets (2011 statistics)
Insiders are those people who work, or have previously worked, in a company and intentionally misused the access to compromise some information available. A popular example is Wikileaks, and how the threat of insiders should be a concern for any company. Nowadays, with the outsourcing done with the “cloud computing”, it is more important to detect insider attacks than ever .
This is a research carried by the RMIT University in collaboration with the CA Labs from CA Technologies. From 3 years of logs (2008 to 2011) extracted from the SVN access of a certain CA program they obtained 700M lines of access logs, and 282 unique users. In order to deal with such huge numbers they chose DEX graph database management system, which allowed them to store the following databases: