Employee Anomaly Detection

C0mp@ny is a medium sized company with its headquarter located in Charlotte, North Carolina, USA. It has its offshore offices in Paris, London and Luxembourg. The Charlotte office employs around 100 employees. The company has four departments: Human Resource (HR), Research, Information Technology (IT), and Finance. On every work-day each employee logs onto their office machine. Employees can log on to their account either from home or office using the proper credentials and a secure connection. They can access documents shared with them or documents they have been given authorized access. They can use devices (e.g., printer, fax, and telephone) and other company resources available to them. After working hours, they need to log out of the machines.

An emplyee is not supposed to access company resources after he/she leaves the company.

In this lab, students will analyze the employee activity log to detect incidents in which a previous employee tries to access company resources after he/she has left the company.