Handling imbalance dataset issue in insider threat detection using machine learning methods

Cited by: 0
Authors
Jaiswal, Ayshwarya [1]
Dwivedi, Pragya [1]
Dewang, Rupesh Kumar [2]
Affiliations
[1] Computer Science and Engineering, Motilal Nehru National Institute of Technology, Allahabad, Uttar Pradesh, Prayagraj, 211004, India
[2] Computer Science and Engineering, National Institute of Technical Teachers’ Training and Research, Bhopal, 462002, India
Keywords
Contrastive Learning;
DOI
10.1016/j.compeleceng.2024.109726
Abstract
Insider threats, characterized by their baleful impact and substantial costs, arise from internal factors within organizations. These threats are rare and usually unnoticed, as the malicious actions are often submerged in numerous normal activities, causing dataset imbalance and making detection hard. To address these challenges, in this paper we propose a Two-Step Insider Threat Detection (TSITD) approach. First, it preprocesses the CERT r4.2 and r5.2 datasets into day-long sequences. Second, it handles the dataset imbalance and detects threats by forming various combinations of sampling techniques and classifiers, referred to as TSITD models. When we compare these TSITD models to baseline models, we observe a significant improvement in anomaly detection rate and balanced accuracy. The TSITD models also achieve higher rankings when evaluated using the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) method. © 2024 Elsevier Ltd
Related papers
50 in total
  • [1] Insider Threat Detection Using Supervised Machine Learning Algorithms on an Extremely Imbalanced Dataset
    Sheykhkanloo, Naghmeh Moradpoor
    Hall, Adam
    [J]. INTERNATIONAL JOURNAL OF CYBER WARFARE AND TERRORISM, 2020, 10 (02) : 1 - 26
  • [2] Insider Threat Detection Using Machine Learning Approach
    Sarhan, Bushra Bin
    Altwaijry, Najwa
    [J]. APPLIED SCIENCES-BASEL, 2023, 13 (01):
  • [3] Machine Learning for Insider Threat Detection
    Naicker, Tristan Sashlen
    van Niekerk, Brett
    [J]. PROCEEDINGS OF THE 3RD EUROPEAN CONFERENCE ON THE IMPACT OF ARTIFICIAL INTELLIGENCE AND ROBOTICS (ECIAIR 2021), 2021, : 122 - 131
  • [4] Research Opportunity of Insider Threat Detection based on Machine Learning Methods
    Prajitno, Noer Tjahja Moekthi
    Hadiyanto, H.
    Rochim, Adian Fatchur
    [J]. 2023 INTERNATIONAL CONFERENCE ON ARTIFICIAL INTELLIGENCE IN INFORMATION AND COMMUNICATION, ICAIIC, 2023, : 292 - 296
  • [5] Insider threat detection using supervised machine learning algorithms
    Manoharan, Phavithra
    Yin, Jiao
    Wang, Hua
    Zhang, Yanchun
    Ye, Wenjie
    [J]. TELECOMMUNICATION SYSTEMS, 2023, 87 (04) : 899 - 915
  • [6] A Review of Recent Advances, Challenges, and Opportunities in Malicious Insider Threat Detection Using Machine Learning Methods
    Alzaabi, Fatima Rashed
    Mehmood, Abid
    [J]. IEEE ACCESS, 2024, 12 : 30907 - 30927
  • [7] Machine learning based Insider Threat Modelling and Detection
    Le, Duc C.
    Zincir-Heywood, A. Nur
    [J]. 2019 IFIP/IEEE SYMPOSIUM ON INTEGRATED NETWORK AND SERVICE MANAGEMENT (IM), 2019,
  • [8] Analyzing Data Granularity Levels for Insider Threat Detection Using Machine Learning
    Le, Duc C.
    Zincir-Heywood, Nur
    Heywood, Malcolm I.
    [J]. IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 2020, 17 (01) : 30 - 44
  • [9] Insider Threat Detection using Virtual Machine Introspection
    Crawford, Martin
    Peterson, Gilbert
    [J]. PROCEEDINGS OF THE 46TH ANNUAL HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES, 2013, : 1821 - 1830
  • [10] Insider Threat Detection Based on NLP Word Embedding and Machine Learning
    Haq, Mohd Anul
    Khan, Mohd Abdul Rahim
    Alshehri, Mohammed
    [J]. INTELLIGENT AUTOMATION AND SOFT COMPUTING, 2022, 33 (01) : 619 - 635