Abstract
Most devastating cyber-attacks are caused by insiders with access privileges inside an organization. The main reason insider attacks are so effective is that insiders do not face many security barriers before they reach the critical resources of the system. Different machine learning techniques have previously been used to predict and identify insider threats within cybersecurity data, but such models face a critical limitation: they require training on labeled datasets, which renders them less effective for real-time data streams that lack threat presence indicators. This work presents an unsupervised machine learning approach that predicts insider threats using behavior analysis for real-time threat data. Patterns are identified in user behavior to make predictions about benign and malicious insiders. Features are selected by analyzing the activities performed. The selected features are fed to a machine learning model which extracts anomalous behavior among users, using anomalies in
Original language | English |
---|---|
Title of host publication | 2024 17th International Conference on Security of Information and Networks (SIN) |
Place of Publication | Sydney, Australia |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
Number of pages | 6 |
Publication status | Accepted/In press - 24 Sept 2024 |
Event | 17th International Conference on Security of Information and Networks (SIN’24), Sydney, Australia. Duration: 2 Dec 2024 → 4 Dec 2024. https://www.sinconf.org/sin2024/ |
Conference
Conference | 17th International Conference on Security of Information and Networks (SIN’24) |
---|---|
Abbreviated title | SIN 2024 |
Country/Territory | Australia |
City | Sydney |
Period | 2/12/24 → 4/12/24 |
Internet address |