Supervised Learning for Insider Threat Detection Using Stream Mining

Cited by: 32
Authors
Parveen, Pallabi [1]
Weger, Zackary R. [1]
Thuraisingham, Bhavani [1]
Hamlen, Kevin [1]
Khan, Latifur [1]
Affiliations
[1] Univ Texas Dallas, Dept Comp Sci, Richardson, TX 75083 USA
Keywords
anomaly detection; support vector machine; insider threat; ensemble;
DOI
10.1109/ICTAI.2011.176
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Insider threat detection requires the identification of rare anomalies in contexts where evolving behaviors tend to mask such anomalies. This paper proposes and tests an ensemble-based stream mining algorithm based on supervised learning that addresses this challenge by maintaining an evolving collection of multiple models to classify dynamic data streams of unbounded length. The result is a classifier that exhibits substantially increased classification accuracy for real insider threat streams relative to traditional supervised learning (traditional SVM and one-class SVM) and other single-model approaches.
Pages: 1032 / 1039
Page count: 8
Related papers
50 in total
  • [41] Insider Threat Detection Using Graph-Based Approaches
    Eberle, William
    Holder, Lawrence
    CATCH 2009: CYBERSECURITY APPLICATIONS AND TECHNOLOGY CONFERENCE FOR HOMELAND SECURITY, PROCEEDINGS, 2009, : 237 - +
  • [42] Detecting Insider Threat from Behavioral Logs Based on Ensemble and Self-Supervised Learning
    Zhang, Chunrui
    Wang, Shen
    Zhan, Dechen
    Yu, Tingyue
    Wang, Tiangang
    Yin, Mingyong
    SECURITY AND COMMUNICATION NETWORKS, 2021, 2021
  • [43] Weak models for insider threat detection
    Thompson, P
    SENSORS, AND COMMAND, CONTROL, COMMUNICATIONS, AND INTELLIGENCE(C31) TECHNOLOGIES FOR HOMELAND SECURITY AND HOMELAND DEFENSE III, PTS 1 AND 2, 2004, 5403 : 40 - 48
  • [44] Review on Insider Threat Detection Techniques
    Oladimeji, T. O.
    Ayo, C. K.
    Adewumi, S. E.
    3RD INTERNATIONAL CONFERENCE ON SCIENCE AND SUSTAINABLE DEVELOPMENT (ICSSD 2019): SCIENCE, TECHNOLOGY AND RESEARCH: KEYS TO SUSTAINABLE DEVELOPMENT, 2019, 1299
  • [45] Insider Threat Detection and Cloud Computing
    Choudhary, Arjun
    Bhadada, Rajesh
    ADVANCES IN DATA AND INFORMATION SCIENCES, 2022, 318 : 81 - 90
  • [46] Analytics for early detection of insider threat
    Fenstermacher, Laurie
    Larson, Kathleen
    Vitiello, Christine
    Shellman, Steve
    Levey, Brian
    SIGNAL PROCESSING, SENSOR/INFORMATION FUSION, AND TARGET RECOGNITION XXXI, 2022, 12122
  • [47] An integrated system for insider threat detection
    Ray, Daniel
    Bradford, Phillip
    ADVANCES IN DIGITAL FORENSIC III, 2007, 242 : 75 - +
  • [48] A Tripwire Grammar for Insider Threat Detection
    Agrafiotis, Ioannis
    Erola, Arnau
    Goldsmith, Michael
    Creese, Sadie
    MIST'16: PROCEEDINGS OF THE INTERNATIONAL WORKSHOP ON MANAGING INSIDER SECURITY THREATS, 2016, : 105 - 108
  • [49] Caught in the Act of an Insider Attack: Detection and Assessment of Insider Threat
    Legg, Philip A.
    Buckley, Oliver
    Goldsmith, Michael
    Creese, Sadie
    2015 IEEE INTERNATIONAL SYMPOSIUM ON TECHNOLOGIES FOR HOMELAND SECURITY (HST), 2015,
  • [50] Applying One-Class Algorithms for Data Stream-Based Insider Threat Detection
    Peccatiello, Rafael Bruno
    Gondim, Joao Jose Costa
    Garcia, Luis Paulo Faina
    IEEE ACCESS, 2023, 11 : 70560 - 70573