Deep Learning Based Attribute Classification Insider Threat Detection for Data Security
| Title | Deep Learning Based Attribute Classification Insider Threat Detection for Data Security |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Meng, F., Lou, F., Fu, Y., Tian, Z. |
| Conference Name | 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC) |
| ISBN Number | 978-1-5386-4210-8 |
| Keywords | anomaly detection, attribute classification insider threat detection method, attribute classifiers, CERT insider threat dataset, Data security, Deep Learning, end-to-end detection framework, feature extraction, high detection rate, Human Behavior, insider threat, Kernel, learning (artificial intelligence), Logic gates, long short term memory recurrent neural networks, machine learning, malicious insiders, Metrics, network threat, pattern classification, principal component analysis, Principal Component Analysis based threat detection methods, pubcrawl, recurrent neural nets, Recurrent neural networks, resilience, security of data, threat detection recall |
| Abstract | With the evolution of network threat, identifying threat from internal is getting more and more difficult. To detect malicious insiders, we move forward a step and propose a novel attribute classification insider threat detection method based on long short term memory recurrent neural networks (LSTM-RNNs). To achieve high detection rate, event aggregator, feature extractor, several attribute classifiers and anomaly calculator are seamlessly integrated into an end-to-end detection framework. Using the CERT insider threat dataset v6.2 and threat detection recall as our performance metric, experimental results validate that the proposed threat detection method greatly outperforms k-Nearest Neighbor, Isolation Forest, Support Vector Machine and Principal Component Analysis based threat detection methods. |
| URL | https://ieeexplore.ieee.org/document/8411913 |
| DOI | 10.1109/DSC.2018.00092 |
| Citation Key | meng_deep_2018 |
- long short term memory recurrent neural networks
- threat detection recall
- security of data
- resilience
- Recurrent neural networks
- recurrent neural nets
- pubcrawl
- Principal Component Analysis based threat detection methods
- principal component analysis
- pattern classification
- network threat
- Metrics
- malicious insiders
- machine learning
- Anomaly Detection
- Logic gates
- learning (artificial intelligence)
- Kernel
- insider threat
- Human behavior
- high detection rate
- feature extraction
- end-to-end detection framework
- deep learning
- Data Security
- CERT insider threat dataset
- attribute classifiers
- attribute classification insider threat detection method