Wavelet transform and unsupervised machine learning to detect insider threat on cloud file-sharing
| Title | Wavelet transform and unsupervised machine learning to detect insider threat on cloud file-sharing |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Feng, W., Yan, W., Wu, S., Liu, N. |
| Conference Name | 2017 IEEE International Conference on Intelligence and Security Informatics (ISI) |
| ISBN Number | 978-1-5090-6727-5 |
| Keywords | cloud computing, cloud file-sharing, cloud file-sharing services, Collaboration, Company Data, company IP, discrete wavelet transform, discrete wavelet transforms, DWT, graph theory, graph-based unsupervised learning, graph-based unsupervised machine learning methods, Haar transforms, Haar wavelet, Haar wavelet function, Human Behavior, human factors, Insider Threat Detection, insider threats, Learning systems, local-outlier factor, LOF, machine learning algorithms, Metrics, OddBall, pagerank, Peer-to-peer computing, policy-based governance, pubcrawl, relationship graphs, Resiliency, security of data, Time series analysis, two-stage machine learning system, unsupervised learning, wavelet analysis, wavelet coefficients |
| Abstract | As increasingly more enterprises are deploying cloud file-sharing services, this adds a new channel for potential insider threats to company data and IPs. In this paper, we introduce a two-stage machine learning system to detect anomalies. In the first stage, we project the access logs of cloud file-sharing services onto relationship graphs and use three complementary graph-based unsupervised learning methods: OddBall, PageRank and Local Outlier Factor (LOF) to generate outlier indicators. In the second stage, we ensemble the outlier indicators and introduce the discrete wavelet transform (DWT) method, and propose a procedure to use wavelet coefficients with the Haar wavelet function to identify outliers for insider threat. The proposed system has been deployed in a real business environment, and demonstrated effectiveness by selected case studies. |
| URL | http://ieeexplore.ieee.org/document/8004896/ |
| DOI | 10.1109/ISI.2017.8004896 |
| Citation Key | feng_wavelet_2017 |
- pubcrawl
- Learning systems
- local-outlier factor
- LOF
- machine learning algorithms
- Metrics
- OddBall
- pagerank
- Peer-to-peer computing
- policy-based governance
- Insider Threats
- relationship graphs
- Resiliency
- security of data
- Time series analysis
- two-stage machine learning system
- Unsupervised Learning
- wavelet analysis
- wavelet coefficients
- graph theory
- cloud file-sharing
- cloud file-sharing services
- collaboration
- Company Data
- company IP
- discrete wavelet transform
- discrete wavelet transforms
- DWT
- Cloud Computing
- graph-based unsupervised learning
- graph-based unsupervised machine learning methods
- Haar transforms
- Haar wavelet
- Haar wavelet function
- Human behavior
- Human Factors
- Insider Threat Detection