Evaluating Insider Threat Detection Workflow Using Supervised and Unsupervised Learning

Duc C. Le, A. Nur Zincir-Heywood
2018 2018 IEEE Security and Privacy Workshops (SPW)  
In this research, we study and evaluate an insider threat detection workflow using supervised and unsupervised learning algorithms.  ...  We evaluate several supervised and unsupervised learning algorithms - HMM, SOM, and DT - using this workflow.  ...  This paper mainly focuses on analyzing and evaluating a workflow using supervised and unsupervised learning algorithms for insider threat detection.  ... 
doi:10.1109/spw.2018.00043 dblp:conf/sp/LeZ18 fatcat:tgy2k44aj5ae7exv2llsshdyf4

Image-based Insider Threat Detection via Geometric Transformation [article]

Dongyang Li, Lin Yang, Hongguang Zhang, Xiaolei Wang, Linru Ma, Junchao Xiao
2021 arXiv   pre-print
In this paper, we propose a novel insider threat detection method, Image-based Insider Threat Detector via Geometric Transformation (IGT), which converts the unsupervised anomaly detection into supervised  ...  Insider threat detection has been a challenging task over decades, existing approaches generally employ the traditional generative unsupervised learning methods to produce normal user behavior model and  ...  This research was supported by a research grant from the National Science Foundation of China under Grant No. 61772271, and the Natural Science Foundation of Jiangsu under Grant No. SBK2020043435.  ... 
arXiv:2108.10567v1 fatcat:w2lxxy4wxbhmrgmh5ahdv2g5ei

Deep Learning for Insider Threat Detection: Review, Challenges and Opportunities [article]

Shuhan Yuan, Xintao Wu
2020 arXiv   pre-print
In this brief survey, we first introduce one commonly-used dataset for insider threat detection and review the recent literature about deep learning for such research.  ...  While the problem of insider threat detection has been studied for a long time in both security and data mining communities, the traditional machine learning based detection approaches, which heavily rely  ...  A recent survey [12] categorizes the deep learning-based anomaly detection into three groups based on the availability of labels, i.e., supervised, semi-supervised, and unsupervised deep anomaly detection  ... 
arXiv:2005.12433v1 fatcat:bmmog7g47vfmpmzdvd4tqd5v7u

Insider Attack Detection Using Deep Belief Neural Network in Cloud Computing

A. S. Anakath, R. Kannadasan, Niju P. Joseph, P. Boominathan, G. R. Sreekanth
2022 Computer systems science and engineering  
The result is evaluated using a Cooja simulator based on the cloud environment. The  ...  In our proposed work, we track the attackers using a user interaction behavior pattern and deep learning technique.  ...  First, the behavior pattern is recorded, and ML techniques are used to detect the changes in the normal behavior pattern. The supervised and unsupervised learning methods are used.  ... 
doi:10.32604/csse.2022.019940 fatcat:isxxxismfzd53hfsobsttqnb3i

Image-Based Insider Threat Detection via Geometric Transformation

Dongyang Li, Lin Yang, Hongguang Zhang, Xiaolei Wang, Linru Ma, Junchao Xiao, Abdallah Meraoumia
2021 Security and Communication Networks  
In this paper, we propose a novel insider threat detection method, Image-based Insider Threat Detector via Geometric Transformation (IGT), which converts the unsupervised anomaly detection into supervised  ...  Insider threat detection has been a challenging task over decades; existing approaches generally employ the traditional generative unsupervised learning methods to produce normal user behavior model and  ...  a high-precision insider threat detection method with the deep learning model.  ... 
doi:10.1155/2021/1777536 fatcat:ocd5vx2b7bfjligjgq6ggscope

Insider threats and Insider Intrusion Detection

2019 International journal of recent technology and engineering  
This survey paper narrates insider threats and their detection types and methods.  ...  Based on different strategies, statistical and machine learning methods for detecting these threats, are identified and summarized here.  ...  Learning, has applied and evaluated multiple Anomaly Detection algorithms.  ... 
doi:10.35940/ijrte.b1033.0782s519 fatcat:unx2kk3asvcc3j5x4y46wsbgq4

User Behavior Traffic Analysis Using a Simplified Memory-Prediction Framework

Rahmat Budiarto, Ahmad A. Alqarni, Mohammed Y. Alzahrani, Muhammad Fermi Pasha, Mohamed Fazil Mohamed Firdhous, Deris Stiawan
2022 Computers Materials & Continua  
As defense systems using deep-learning models require more time to learn new traffic patterns, they cannot perform fully online (on-the-fly) learning.  ...  The s.SCASHM is implemented as the prediction engine of a user behavior analysis tool to detect insider attacks/anomalies.  ...  The authors concluded that most of the existing online anomaly detection systems use supervision and that few use an unsupervised approach.  ... 
doi:10.32604/cmc.2022.019847 fatcat:7fo636sk5fgzno4kiao63gcvnq

Elaborate Monitoring of Land-Cover Changes in Cultural Landscapes at Heritage Sites Using Very High-Resolution Remote-Sensing Images

Yunwei Tang, Fulong Chen, Wei Yang, Yanbin Ding, Haoming Wan, Zhongchang Sun, Linhai Jing
2022 Sustainability  
Very high-resolution (VHR) remote sensing provides a useful tool to elaborate monitor land-cover changes in cultural landscapes so as to evaluate the authenticity and integrity of the cultural heritage  ...  The interference degree well reflects the preservation status of these CHS and can be periodically observed in a long term as an evaluation indicator.  ...  Acknowledgments: The authors thank three anonymous reviewers for providing helpful comments and suggestions to improve the manuscript.  ... 
doi:10.3390/su14031319 fatcat:5mmwpdmenzhc3du2dpb7vwyy3u

Memory-Augmented Insider Threat Detection with Temporal-Spatial Fusion

Dongyang Li, Lin Yang, Hongguang Zhang, Xiaolei Wang, Linru Ma, Robertas Damaševičius
2022 Security and Communication Networks  
To address such an issue, we propose a novel insider threat detection method, namely, Memory-Augmented Insider Threat Detection (MAITD), in this paper.  ...  Insider threat detection is important for the smooth operation and security protection of an organizational system.  ...  Acknowledgments: This research was supported by a research grant from the National Science Foundation of China under Grant nos. 61772271 and 62106282.  ... 
doi:10.1155/2022/6418420 fatcat:qwp4j6ms6fhz5p7kp6a3sthtfq

Securing cloud by mitigating insider data theft attacks with decoy technology using Hadoop

K Vamsi Krishna, V Srikanth
2018 International Journal of Engineering & Technology  
In this paper, we propose an alternate way to secure data on the cloud which is more efficient and secure by the concoction of user profile mapping using Hadoop framework and offensive decoy technology  ...  Cloud Security Alliance reckoned this threat as a significant danger of Cloud Computing.  ...  ML makes a prediction on the data, based on known properties, and learns from the training data. ML algorithms are classified into two types i.e., Supervised and Unsupervised learning.  ... 
doi:10.14419/ijet.v7i2.31.13407 fatcat:6rz6dlphpnfrlcfyxsps334fgm

Abnormal Behavior Analysis in Office Automation System within Organizations

Yilin Wang, Yun Zhou, Cheng Zhu, Xianqiang Zhu, Weiming Zhang
2017 International Journal of Computer and Communication Engineering  
Insider threat is a serious and increasing concern for many organizations.  ...  Thus, there is a desperate need to explore an effective approach to detect such suspicious behaviors.  ...  Acknowledgment: We would like to thank Jiang Wang for his insightful comments and helpful suggestions on this paper. This work was supported by National Natural Science Foundation of China (Grant No.  ... 
doi:10.17706/ijcce.2017.6.3.212-220 fatcat:o3iyqn5fkbdnfjg234rsjkppse

ML-based cyber incident detection for Electronic Medical Record (EMR) systems

David McGlade, Sandra Scott-Hayward
2018 Smart Health  
The Electronic Medical Record (EMR) systems used in hospitals are targeted due to the sensitivity of data within a healthcare setting.  ...  An upward trend in cyber incidents across both U.K. and U.S. hospitals has been observed since 2015. Attacks range from identity theft to insurance fraud and extortion/blackmail.  ...  [21], which uses Unsupervised Machine Learning to detect insider threats based on usage patterns within a collaborative working environment.  ... 
doi:10.1016/j.smhl.2018.05.001 fatcat:v3iuqszarne2zefvi3wysvk3uq

Anomaly Detection in the Cloud: Detecting Security Incidents via Machine Learning [chapter]

Matthias Gander, Michael Felderer, Basel Katt, Adrian Tolbaru, Ruth Breu, Alessandro Moschitti
2013 Communications in Computer and Information Science  
Our framework uses complex event processing rules and machine learning, to detect populate user-specified metrics that can be used to assess the security status of the monitored system.  ...  Second, these tools focus on attacks and threats at only one layer of abstraction, e.g., the network, the service, or the workflow layers.  ...  , i.e., the semi-automatic labeling of clusters via supervised learning.  ... 
doi:10.1007/978-3-642-45260-4_8 fatcat:4mgm7gq4f5bqfexxntylof233u

Fraud Analytics Using Data Mining

2016 International Journal of Research Studies in Computer Science and Engineering  
The two main types of data mining methods i.e. supervised and unsupervised learning methods used in fraud analytics have been intensively reviewed with the help of existing literature.  ...  This paper deals with the data mining techniques used to combat fraud in different industries.  ...  Unsupervised Methods Used in Fraud Analytics Supervised learning for fraud detection is more popular than unsupervised learning. An "unusual claim" can be characterized by many attributes.  ... 
doi:10.20431/2349-4859.0304001 fatcat:nzq4rwmlyrelhmxwntxrb467g4

Insight Into Insiders and IT

Ivan Homoliak, Flavio Toffalini, Juan Guarnizo, Yuval Elovici, Martín Ochoa
2019 ACM Computing Surveys  
and disambiguation of insider threat incidents and the defense solutions used against them.  ...  that can be used for reasoning in the insider threat domain.  ...  Thus, the proposed workflow of insider threat contributions consists of four main categories: (1) The Incidents and Datasets category contains reference datasets applicable for the evaluation of insider  ... 
doi:10.1145/3303771 fatcat:t63cyqbofbaxjjk2e2aiuivtm4