Insider Threat Detection Based on User Behaviour Analysis
作者: Malvika Singh , B. M. Mehtre , S. Sangeetha
DOI: 10.1007/978-981-15-6318-8_45
关键词:
摘要: Insider threat detection is a major challenge for security in organizations. They are the employees/users of an organization, posing to it by performing any malicious activity. Existing methods detect insider threats based on psycho-physiological factors, statistical analysis, machine learning and deep methods. predefined rules or stored signatures fail new unknown attacks. To overcome some limitations existing methods, we propose behaviour method. The characterized user activity (such as logon-logoff, device connect-disconnect, file-access, http-url-requests, email activity). Isometric Feature Mapping (ISOMAP) used feature extraction Emperor Penguin Algorithm optimal selection. features include time (time at which particular performed) frequency (number times performed). Finally, Multi-fuzzy-classifier with three inference engines F1, F2, F3, classify users normal malicious. proposed method tested using CMU-CERT dataset its performance. outperforms following metrics: accuracy, precision, recall, f-measure, AUC-ROC parameters. results show significant improvement over
springer.com
sci-hub.st 参考文章(20)
Seyed Mehdi Iranmanesh, Mehdi Mohammadi, Ahmad Akbari, Babak Nassersharif, Improving Detection Rate in Intrusion Detection Systems Using FCM Clustering to Select Meaningful Landmarks in Incremental Landmark Isomap Algorithm theoretical and mathematical foundations of computer science. pp. 46- 53 ,(2011) , 10.1007/978-3-642-24999-0_7
Philip A. Legg, Oliver Buckley, Michael Goldsmith, Sadie Creese, Automated Insider Threat Detection System Using User and Role-Based Profile Assessment IEEE Systems Journal. ,vol. 11, pp. 503- 512 ,(2017) , 10.1109/JSYST.2015.2438442
Xiao-li Xu, Tao Chen, ISOMAP Algorithm-Based Feature Extraction for Electromechanical Equipment Fault Prediction 2009 2nd International Congress on Image and Signal Processing. pp. 1- 4 ,(2009) , 10.1109/CISP.2009.5304349
Kai-mei Zheng, Xu Qian, Yu Zhou, Li-juan Jia, Intrusion Detection Using Isomap and Support Vector Machine artificial intelligence and computational intelligence. ,vol. 3, pp. 235- 239 ,(2009) , 10.1109/AICI.2009.242
Brock Bose, Bhargav Avasarala, Srikanta Tirthapura, Yung-Yu Chung, Donald Steiner, Detecting Insider Threats Using RADISH: A System for Real-Time Anomaly Detection in Heterogeneous Data Streams IEEE Systems Journal. ,vol. 11, pp. 471- 482 ,(2017) , 10.1109/JSYST.2016.2558507
Owen Lo, William J Buchanan, Paul Griffiths, Richard Macfarlane, None, Distance Measurement Methods for Improved Insider Threat Detection Security and Communication Networks. ,vol. 2018, pp. 1- 18 ,(2018) , 10.1155/2018/5906368
Yang Xin, Lingshuang Kong, Zhi Liu, Yuling Chen, Yanmiao Li, Hongliang Zhu, Mingcheng Gao, Haixia Hou, Chunhua Wang, Machine Learning and Deep Learning Methods for Cybersecurity IEEE Access. ,vol. 6, pp. 35365- 35381 ,(2018) , 10.1109/ACCESS.2018.2836950
Gaurav Dhiman, Vijay Kumar, Emperor penguin optimizer: A bio-inspired algorithm for engineering problems Knowledge Based Systems. ,vol. 159, pp. 20- 50 ,(2018) , 10.1016/J.KNOSYS.2018.06.001
Bin Lv, Dan Wang, Yan Wang, Qiujian Lv, Dan Lu, A Hybrid Model Based on Multi-dimensional Features for Insider Threat Detection wireless algorithms systems and applications. pp. 333- 344 ,(2018) , 10.1007/978-3-319-94268-1_28
Fangfang Yuan, Yanan Cao, Yanmin Shang, Yanbing Liu, Jianlong Tan, Binxing Fang, Insider Threat Detection with Deep Neural Network international conference on computational science. pp. 43- 54 ,(2018) , 10.1007/978-3-319-93698-7_4