Deep Learning Based Attribute Classification Insider Threat Detection for Data Security

Title: Deep Learning Based Attribute Classification Insider Threat Detection for Data Security
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Meng, F., Lou, F., Fu, Y., Tian, Z.
Conference Name: 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC)
ISBN Number: 978-1-5386-4210-8
Keywords: anomaly detection, attribute classification insider threat detection method, attribute classifiers, CERT insider threat dataset, Data security, Deep Learning, end-to-end detection framework, feature extraction, high detection rate, Human Behavior, insider threat, Kernel, learning (artificial intelligence), Logic gates, long short term memory recurrent neural networks, machine learning, malicious insiders, Metrics, network threat, pattern classification, principal component analysis, Principal Component Analysis based threat detection methods, pubcrawl, recurrent neural nets, Recurrent neural networks, resilience, security of data, threat detection recall
Abstract

With the evolution of network threat, identifying threat from internal is getting more and more difficult. To detect malicious insiders, we move forward a step and propose a novel attribute classification insider threat detection method based on long short term memory recurrent neural networks (LSTM-RNNs). To achieve high detection rate, event aggregator, feature extractor, several attribute classifiers and anomaly calculator are seamlessly integrated into an end-to-end detection framework. Using the CERT insider threat dataset v6.2 and threat detection recall as our performance metric, experimental results validate that the proposed threat detection method greatly outperforms k-Nearest Neighbor, Isolation Forest, Support Vector Machine and Principal Component Analysis based threat detection methods.

URL: https://ieeexplore.ieee.org/document/8411913
DOI: 10.1109/DSC.2018.00092
Citation Key: meng_deep_2018