2013 International journal on artificial intelligence tools  
This paper applies ensemble-based stream mining, supervised and unsupervised learning, and graph-based anomaly detection to the problem of insider threat detection.  ...  It demonstrates that the ensemble-based approach is significantly more effective than traditional single-model methods, supervised learning outperforms unsupervised learning, and increasing the cost of  ...  Robert Herklotz for his support. This work is supported by the Air Force Office of Scientific Research, under grant FA9550-08-1-0088.  ... 
doi:10.1142/s0218213013600130 fatcat:qntmuz7zrjaanl56qfaajvcrra

Supervised Learning for Insider Threat Detection Using Stream Mining

Pallabi Parveen, Zackary R. Weger, Bhavani Thuraisingham, Kevin Hamlen, Latifur Khan
2011 2011 IEEE 23rd International Conference on Tools with Artificial Intelligence  
Insider threat detection requires the identification of rare anomalies in contexts where evolving behaviors tend to mask such anomalies.  ...  This paper proposes and tests an ensemble-based stream mining algorithm based on supervised learning that addresses this challenge by maintaining an evolving collection of multiple models to classify dynamic  ...  This material is based upon work supported by the Air Force Office of Scientific Research under Award No. FA9550-08-1-0260. We thank Dr. Robert Herklotz for his support.  ... 
doi:10.1109/ictai.2011.176 dblp:conf/ictai/ParveenWTHK11 fatcat:ipnuttugmfcgpotmsx6j5ahnd4

Hybrid Deep Learning Model using SPCAGAN Augmentation for Insider Threat Analysis [article]

R G Gayathri, Atul Sajjanhar, Yong Xiang
2022 arXiv   pre-print
Anomaly detection using deep learning requires comprehensive data, but insider threat data is not readily available due to confidentiality concerns of organizations.  ...  Furthermore, we introduce a deep learning-based hybrid model for insider threat analysis.  ...  There is an upward trend towards using machine learning and deep learning based solutions for insider threat analysis.  ... 
arXiv:2203.02855v1 fatcat:naeat2lz4jg65bp2gaw2tzp25q

Classifier Suites for Insider Threat Detection [article]

David Noever
2019 arXiv   pre-print
Better methods to detect insider threats need new anticipatory analytics to capture risky behavior prior to losing data.  ...  In contrast to more obscure or black-box alternatives, random forests are ensembles of many decision trees and thus offer a deep but human-readable set of detection rules (>2000 rules).  ...  Acknowledgements The authors would like to thank the PeopleTec Technical Fellows program for encouragement and project assistance.  ... 
arXiv:1901.10948v1 fatcat:yjcmy3vjj5gvxjgpzqriz7cdm4

Insider threats and Insider Intrusion Detection

2019 International journal of recent technology and engineering  
Based on different strategies, statistical and machine learning methods for detecting these threats, are identified and summarized here.  ...  this survey paper narrates insider threats and their detection types and methods.  ...  The algorithms generally used are statistical (n gram model and sequence match algorithms), machine learning (n gram model and feed forward neural networks) and deep learning (n gram model and recurrent neural  ... 
doi:10.35940/ijrte.b1033.0782s519 fatcat:unx2kk3asvcc3j5x4y46wsbgq4

Insider Threat Detection Based on Stress Recognition Using Keystroke Dynamics [article]

Azamat Sultanov, Konstantin Kogos
2020 arXiv   pre-print
Proposed method uses both supervised and unsupervised machine learning algorithms. As the results show, stress can provide highly valuable information for insider threat detection.  ...  Most of the proposed methods for detecting this threat require expensive and invasive equipment, which makes them difficult to use in practice.  ...  Anomaly-based Insider Threat Detection The most common methods for detecting the threat of an internal intruder are based on anomaly detection algorithms.  ... 
arXiv:2005.02862v1 fatcat:ateosw3purhrlffk25lrahxtsq

Reframing Threat Detection: Inside esINSIDER [article]

M. Arthur Munson and Jason Kichen and Dustin Hillard and Ashley Fidler and Peiter Zatko
2019 arXiv   pre-print
We describe the motivation and design for esINSIDER, an automated tool that detects potential persistent and insider threats in a network. esINSIDER aggregates clues from log data, over extended time periods  ...  Machine learning makes it practical to deploy this approach by reducing the amount of tuning needed.  ...  A key benefit of this approach is that we can leverage supervised machine learning to solve an anomaly detection problem.  ... 
arXiv:1904.03584v1 fatcat:bhtcb4ig3fe4xpq3srvxluw4ki

Threat Detection using Machine/Deep Learning in IOT Environments

2020 International journal of computer networks and communications security  
The main aim of this research is to provide a very best solution for the detection of threats in order to improve the infrastructures of IOT.  ...  In any of the IOT networks the unknown and known flaws can be a backdoor for any adversary. The increased use of such environment results in the increase of zero day cyber-attacks.  ...  The future work of this research aims to test these models with various and updated datasets in order to find a best model and to deploy that model in order to detect anomalies in IOT environments.  ... 
doi:10.47277/ijcncs/8(8)2 fatcat:hxj6oo2mqjhnnl4vqsnaciv2we

The Threat of Adversarial Attacks on Machine Learning in Network Security – A Survey [article]

Olakunle Ibitoye, Rana Abou-Khamis, Ashraf Matrawy, M. Omair Shafiq
2020 arXiv   pre-print
We conclude by introducing an adversarial risk model and evaluate several existing adversarial attacks against machine learning in network security using the risk model.  ...  However, applications of machine learning in network security face more disproportionate threat of active adversarial attacks compared to other domains.  ...  activities or insider threats.  ... 
arXiv:1911.02621v2 fatcat:p7mgj65wavee3op6as5lufwj3q

Deep Learning for Unsupervised Insider Threat Detection in Structured Cybersecurity Data Streams [article]

Aaron Tuor, Samuel Kaplan, Brian Hutchinson, Nicole Nichols, Sean Robinson
2017 arXiv   pre-print
Analysis of an organization's computer network activity is a key component of early detection and mitigation of insider threat, a growing concern for many organizations.  ...  Machine and Isolation Forest based anomaly detection baselines.  ...  The research described in this paper is part of the Analysis in Motion Initiative at Pacific Northwest National Laboratory.  ... 
arXiv:1710.00811v2 fatcat:u7nwwxy7bvdnvnclga2ajjx7jm

Performance of Machine Learning-Based Multi-Model Voting Ensemble Methods for Network Threat Detection in Agriculture 4.0

Nikolaos Peppes, Emmanouil Daskalakis, Theodoros Alexakis, Evgenia Adamopoulou, Konstantinos Demestichas
2021 Sensors  
Network traffic analysis and classification based on Machine Learning (ML) methodologies can play a vital role in tackling such threats.  ...  Tree (DT), Random Forest (RF) and Stochastic Gradient Descent (SGD), as well as a hard voting and a soft voting ensemble model of these classifiers.  ...  In case an anomaly was detected, the second level was used to categorize the anomaly. In the context of this model, several ML methodologies were investigated.  ... 
doi:10.3390/s21227475 pmid:34833551 pmcid:PMC8622709 fatcat:xi3jptbeijcr7gpzhxzjph4ldi

Detecting Insider Threat from Behavioral Logs Based on Ensemble and Self-Supervised Learning

Chunrui Zhang, Shen Wang, Dechen Zhan, Tingyue Yu, Tiangang Wang, Mingyong Yin, Jinwei Wang
2021 Security and Communication Networks  
To solve this problem, we proposed a supervised insider threat detection method based on ensemble learning and self-supervised learning.  ...  Despite many research studies on this, the spatial heterogeneity and sample imbalance of input features still limit the effectiveness of existing machine learning-based detection methods.  ...  Acknowledgments This work was supported by the Defense Industrial Technology Development Program (JCKY2018603B006) and CAEP Foundation (CX2019040).  ... 
doi:10.1155/2021/4148441 fatcat:42dshk2dsbdk7g6uomhnuagbo4

Machine Learning Security: Threats, Countermeasures, and Evaluations

Mingfu Xue, Chengxiang Yuan, Heyi Wu, Yushu Zhang, Weiqiang Liu
2020 IEEE Access  
First, the machine learning model in the presence of adversaries is presented, and the reasons why machine learning can be attacked are analyzed.  ...  The threat models, attack approaches, and defense techniques are analyzed systematically.  ...  why machine learning can be attacked are analyzed. 3) The threats and attack models are described.  ... 
doi:10.1109/access.2020.2987435 fatcat:ksinvcvcdvavxkzyn7fmsa27ji

Malware triage for early identification of Advanced Persistent Threat activities

Giuseppe Laurenza, Riccardo Lazzeretti, Luca Mazzotti
2020 Digital Threats: Research and Practice  
For efficiency reasons, they rely on static malware features, extracted with negligible delay, and use machine learning techniques for the identification.  ...  In the last decade, a new class of cyber-threats, known with the name of "Advanced Persistent Threat" (APT) has emerged and is referred to as different organizations performing dangerous and effective  ...  RM11715C7878B045 and by the CINI (Consorzio Interuniversitario Nazionale Informatica) National Laboratory of Cyber Security.  ... 
doi:10.1145/3386581 fatcat:6bbblwjztnhhfn4zl2wwl66s2q

Malware triage for early identification of Advanced Persistent Threat activities [article]

Giuseppe Laurenza, Riccardo Lazzeretti, Luca Mazzotti
2018 arXiv   pre-print
In order to have the triage as fast as possible, we only rely on static malware features, that can be extracted with negligible delay, and use machine learning techniques for the identification.  ...  The results of the proposed framework highlight high performances, reaching a precision of 100% and an accuracy over 95%  ...  In machine learning science, Decision tree learning concept uses decision trees as a predictive model to go from observations about an object to conclusion about the objects' target value, represented  ... 
arXiv:1810.07321v1 fatcat:nz6mnmsuvzegfgrg4cjc4srkuq