- Title
- Bilateral insider threat detection : harnessing standalone and sequential activities with recurrent neural networks
- Creator
- Manoharan, Phavithra; Hong, Wei; Yin, Jiao; Zhang, Yanchun; Ye, Wenjie; Ma, Jiangang
- Date
- 2023
- Type
- Text; Conference paper
- Identifier
- http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/197213
- Identifier
- vital:18823
- Identifier
-
https://doi.org/10.1007/978-981-99-7254-8_14
- Identifier
- ISBN:0302-9743 (ISSN); 9789819972531 (ISBN)
- Abstract
- Insider threats involving authorised individuals exploiting their access privileges within an organisation can yield substantial damage compared to external threats. Conventional detection approaches analyse user behaviours from logs, using binary classifiers to distinguish between malicious and non-malicious users. However, existing methods focus solely on standalone or sequential activities. To enhance the detection of malicious insiders, we propose a novel approach: bilateral insider threat detection combining RNNs to incorporate standalone and sequential activities. Initially, we extract behavioural traits from log files representing standalone activities. Subsequently, RNN models capture features of sequential activities. Concatenating these features, we employ binary classification to detect insider threats effectively. Experiments on the CERT 4.2 dataset showcase the approach’s superiority, significantly enhancing insider threat detection using features from both standalone and sequential activities. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
- Publisher
- Springer Science and Business Media Deutschland GmbH
- Relation
- 24th International Conference on Web Information Systems Engineering, WISE 2023, Melbourne, 25-27 October 2023, Web Information Systems Engineering – WISE 2023, 24th International Conference, Melbourne, VIC, Australia, October 25–27, 2023, Proceedings Vol. 14306 LNCS, p. 179-188
- Rights
- All metadata describing materials held in, or linked to, the repository is freely available under a CC0 licence
- Rights
- Copyright © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd
- Subject
- Insider threats; Recurrent neural networks; Sequential activities; Standalone activities
- Reviewed
- Hits: 680
- Visitors: 668
- Downloads: 0
Thumbnail | File | Description | Size | Format |
---|