2025_EML Capstone Projects
1. Introduction and Problem Motivation

The Department of Veterans Affairs (VA) manages sensitive data for over nine million veterans, including medical, financial, and personal records. While its cybersecurity strategy robustly defends against external threats, it lacks an effective system to identify internal risks, specifically insider threats from individuals with authorized access. This capstone project addresses that gap by proposing and developing a behavioral analytics-based insider threat detection system. Because massive volumes of highly sensitive data are managed in the VA's database system, this project is particularly important to ensure that threats are identified and eliminated as intended.

The goal is to enhance the VA's ability to identify, visualize, and respond to anomalous behaviors that may indicate insider threats, using machine learning, rule-based algorithms, and real-time dashboards. This work bridges critical domains in engineering, cybersecurity, and leadership by developing a technically robust yet transparent solution aligned with compliance mandates like HIPAA and FISMA.

As a veteran and current government employee, the motivation for this project is personal and professional. This project is built to reflect a deep commitment to protecting public-sector infrastructure and privacy. It represents an opportunity to lead in cybersecurity management within government technology. As someone pursuing a career in cybersecurity management for a government agency, this project aligns directly with my professional objectives.

2. Problem Statement

The VA faces a significant vulnerability: the lack of an insider threat detection system. Employees or contractors with legitimate access may intentionally or accidentally misuse their privileges, which puts veteran data at risk. The project aims to develop a system that detects unusual user behaviors, such as excessive downloads or off-hours access, by learning each user's established norms and flagging deviations from them. This detection mechanism must be explainable, audit-ready, and compliant with government regulations.
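
The two behaviors named in the problem statement can be checked with a per-user baseline that returns a readable reason for every alert. The sketch below is an added example, not the project's own code: it uses a simple z-score and an hours rule rather than the project's machine learning model, and the thresholds, business hours, field names, and user names are all assumptions.

```python
"""Explainable per-user baseline check: download volume and off-hours access."""
from collections import defaultdict
from datetime import datetime
from statistics import mean, stdev

WORK_HOURS = range(7, 19)  # assumed business hours, 07:00-18:59 local time
Z_THRESHOLD = 3.0          # assumed cutoff for "excessive" downloads
MIN_HISTORY = 5            # days of history required before a baseline is trusted

def build_baselines(history):
    """history: iterable of (user, daily_download_count) from a reference period."""
    per_user = defaultdict(list)
    for user, count in history:
        per_user[user].append(count)
    return {u: (mean(c), stdev(c)) for u, c in per_user.items()
            if len(c) >= MIN_HISTORY}

def score_event(event, baselines):
    """Return the reasons an event is flagged; an empty list means no alert."""
    ts = datetime.fromisoformat(event["time"])
    reasons = []
    if ts.hour not in WORK_HOURS or ts.weekday() >= 5:
        reasons.append(f"off-hours access at {ts:%a %H:%M}")
    if event["user"] not in baselines:
        # New or rarely seen account: no norm to compare against yet
        reasons.append("no baseline for user; route to manual review")
        return reasons
    mu, sigma = baselines[event["user"]]
    # Floor sigma so a perfectly steady user cannot cause a division by zero
    z = (event["downloads"] - mu) / max(sigma, 1.0)
    if z >= Z_THRESHOLD:
        reasons.append(
            f"downloads {event['downloads']} vs baseline {mu:.1f} (z={z:.1f})")
    return reasons

# Constructed sample data for illustration, not real VA audit logs
HISTORY = ([("clerk_a", n) for n in (18, 22, 20, 19, 21, 20)]
           + [("nurse_b", n) for n in (5, 5, 5, 5, 5)])
EVENTS = [
    {"user": "clerk_a", "time": "2025-03-04T10:15:00", "downloads": 23},
    {"user": "clerk_a", "time": "2025-03-05T02:40:00", "downloads": 240},
    {"user": "nurse_b", "time": "2025-03-06T14:00:00", "downloads": 6},
    {"user": "temp_c", "time": "2025-03-06T09:00:00", "downloads": 3},
]

if __name__ == "__main__":
    baselines = build_baselines(HISTORY)
    for ev in EVENTS:
        print(ev["user"], ev["time"], score_event(ev, baselines) or "ok")
```

Keeping the reasons as plain strings tied to the user's own baseline is what makes each alert reviewable by an auditor.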

3. Background and Literature Review

Insider threats constitute over 60% of healthcare data breaches, per Verizon's DBIR report. Historical cases like the 2006 VA laptop breach underscore the consequences of such