Machine Learning Based Insider Threat Modelling and Detection

Title: Machine Learning Based Insider Threat Modelling and Detection
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Le, Duc C., Nur Zincir-Heywood, A.
Conference Name: 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)
Date Published: apr
Keywords: Collaboration, cyber-security, damaging threats, Data collection, feature extraction, Human Behavior, insider scenario specific results, insider threat, insider threat detection system, insider threat modelling, learning (artificial intelligence), Logistics, machine learning, machine learning algorithms, malicious insider attacks, Metrics, multiple data granularity levels, Organizations, policy-based governance, pubcrawl, resilience, Resiliency, security, security of data, user-centered machine learning
Abstract

Recently, malicious insider attacks represent one of the most damaging threats to companies and government agencies. This paper proposes a new framework in constructing a user-centered machine learning based insider threat detection system on multiple data granularity levels. System evaluations and analysis are performed not only on individual data instances but also on normal and malicious insiders, where insider scenario specific results and delay in detection are reported and discussed. Our results show that the machine learning based detection system can learn from limited ground truth and detect new malicious insiders with a high accuracy.

URL: https://ieeexplore.ieee.org/document/8717892
Citation Key: le_machine_2019