Authors: Mohamed Medhat Gaber, Diana Haidar
DOI:
Keywords: Concept drift, Anomaly detection, Insider, Feature (computer vision), Artificial intelligence, Geography, Feature vector, Outlier, Insider threat, Data mining, Machine learning, Data stream mining
Abstract: Insider threat detection is an emergent concern for industries and governments due to the growing number of attacks in recent years. Several Machine Learning (ML) approaches have been developed to detect insider threats; however, they still suffer from a high number of false alarms. None of those approaches addressed the insider threat problem from the perspective of stream mining of data, where a concept drift or an outlier is an indication of an insider threat. An outlier refers to anomalous behaviour that deviates from the normal baseline of the community's behaviour, and is the focus of this paper. To address the shortcoming of existing approaches and realise a novel solution to the insider threat problem, we present the RandSubOut (Random Subspace Outliers) approach for insider threat detection over real-time data streaming. RandSubOut allows the detection of insider threats represented as localised outliers in random feature subspaces, which would not be detected over the whole feature space, due to dimensionality. We evaluated the presented approach as an ensemble of established distance-based outlier detection methods, namely, Micro-cluster-based Continuous Outlier Detection (MCOD) and Anytime OUTlier detection (AnyOut), according to evaluation measures including True Positive (TP) and False Positive (FP).