PRODIGAL

PRODIGAL (proactive discovery of insider threats using graph analysis and learning) is a computer system for predicting anomalous behavior among humans, by data mining network traffic such as emails, text messages and server log entries.^[1] It is part of DARPA's Anomaly Detection at Multiple Scales (ADAMS) project.^[2] The initial schedule is for two years and the budget $9 million.^[3]

It uses graph theory, machine learning, statistical anomaly detection, and high-performance computing to scan larger sets of data more quickly than in past systems. The amount of data analyzed is in the range of terabytes per day.^[3] The targets of the analysis are employees within the government or defense contracting organizations; specific examples of behavior the system is intended to detect include the actions of Nidal Malik Hasan and WikiLeaks source Chelsea Manning.^[1] Commercial applications may include finance.^[1] The results of the analysis, the five most serious threats per day, go to agents, analysts, and operators working in counterintelligence.^[1][3][4]

• Georgia Institute of Technology College of Computing
• Georgia Tech Research Institute
• Defense Advanced Research Projects Agency
• Army Research Office
• Science Applications International Corporation
• Oregon State University
• University of Massachusetts Amherst
• Carnegie Mellon University

• Cyber Insider Threat
• Einstein (US-CERT program)
• Threat (computer)
• Intrusion detection
• ECHELON, Thinthread, Trailblazer, Turbulence (NSA programs)
• Fusion center, Investigative Data Warehouse (FBI)