Open Access
Subscription Access
Open Access
Subscription Access
Insider Threat Detection in Organization using Machine Learning
Subscribe/Renew Journal
A Cyber Attack is a sudden attempt launched by cybercriminals against multiple computers or networks. According to evolution of cyber space, insider attack is the most serious attack faced by end users, all over the world. Insiders that perform attack have certain advantage over other attack since they familiar system policies and procedures. It is performed by authorized person such as current working employee, pre-working employee and business organizations. Cyber security reports show that both US federal Agency as well as different organizations faces insider threat. Compromised Users, Careless Users and Malicious Users are some of the ground for insider attack. User-Centric insider threat detection based on data granularity provide a new extent for insider detection since data is analysed on it’s depth. but, improper selection of feature is a demerit. As a result, Data granularity with two stage confirmation method is used in the proposed system. In the first stage dual filtering using Hidden Markov model and fuzzy logic is involved. In the second stage, the predicted output from first stage is again checked using profile-to-profile or template-to-template comparison. The selection of user’s information as well as triple feature for generating training set is an additional advantage of the proposed approach. Two stage confirmation leads to increase in performance measure with very low false positive rate.
Keywords
Cyber Security, Fuzzy Logic, Hidden Markov Model, Machine Learning (ML)
Subscription
Login to verify subscription
User
Font Size
Information
- F.-Y. Leu, K.-L. Tsai, Y.-T. Hsiao, and C.-T. Yang, “An internal intrusion detection and protection system by using data mining and forensic techniques,” IEEE Systems Journal, vol. 11, no. 2, pp. 427-438, 2015.
- S. Aditham, and N. Ranganathan, “A system architecture for the detection of insider attacks in big data systems,” IEEE Transactions on Dependable and Secure Computing, vol. 15, no. 6, pp. 974-987, 2018.
- L. Lazos, and M. Krunz, “Selective jamming/dropping insider attacks in wireless mesh networks,” Electrical and Computer Engineering, vol. 25, no. 1, pp. 30-34, 2011.
- N. Baracaldo, B. Palanisamy, and J. Joshi, “G-SIR: An insider attack resilient geo-social access control framework,” IEEE Transactions on Dependable and Secure Computing, vol. 16, no. 1, pp. 84-98, 2019.
- B. Ghaleb, A. Al-Dubai, E. Ekonomou, M. Qasem, I. Romdhani, and L. Mackenzie, “Addressing the DAO insider attack in RPL’s Internet of Thing,” IEEE Communications Letters, vol. 23, no. 1, Jan. 2019.
- S.-Y. Chang, and Y.-C. Hu, “SecureMAC: Securing wireless medium access control against insider denial-of-service attacks,” IEEE Transactions on Mobile Computing, vol. 16, no. 12, pp. 3527-3540, 2017.
- S. Shunmuganathan, R. D. Saravanan, and Y. Palanichamy, “Securing VPN from insider and outsider bandwidth flooding attack,” Microprocessors and Microsystems, vol. 79, Nov. 2020, Art. no. 103279.
- N. Elmrabit, S.-H. Yang, L. Yang, and H. Zhou, “Insider threat risk prediction based on Bayesian network,” Computers & Security, vol. 96, 2020, Art. no. 101908.
- N. S. Safa, C. Maple, T. Watsona, and R. V. Solms, “Motivation and opportunity based model to reduce information security insider threats in organisations,” Journal of Information Security and Applications, vol. 40, pp. 247-257, 2018.
- T. Kim, Y.-S. Park, H. Cho, and J.-W. Kang, “Insider threat detection based on user behavior modeling and anomaly detection algorithms,” Appl. Sci., vol. 9, no. 19, p. 4018, 2019.
- G. Yang, L. Cai, A. Yu, and D. Mengand, “A general and expandable insider threat detection system using baseline anomaly detection and scenario-driven alarm filters,” IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 2018.
- G. Yang, L. Cai, A. Yu, J. Ma, D. Meng, and Y. Wu, “Potential malicious insiders detection based on a comprehensive security psychological model,” 2018 IEEE Fourth International Conference on Big Data Computing Service and Application (BigDataService), Bamberg, Germany, 26-29 Mar. 2018.
Abstract Views: 171
PDF Views: 0