Unsupervised Learning for Insider Threat Prediction: A Behavioral Analysis Approach

Rahat Mehmood, Zoe Jeffrey, Priyanka Singh

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Abstract—Most devastating cyber-attacks are caused by insiders with access privileges inside an organization. The main reason of insider attacks being that effective is that they don’t have many security barriers before they get into the critical resources of the system. Different machine learning techniques have been previously utilized to predict and identify insider threats within cybersecurity data, but such kind of models face a critical limitation as they require training on labeled datasets, rendering them less effective for real-time data streams which lack threat presence indicators. This work presents an unsupervised machine learning approach that predicts insider threat using behavior analysis for real-time threat data. Patterns are identified in user behavior, to make predictions about benign and malicious insiders. Features are selected by analyzing activities performed. Selected features are utilized to feed machine learning model which extracts anomalous behavior among users, using anomalies in
Original languageEnglish
Title of host publication2024 17th International Conference on Security of Information and Networks (SIN)
Place of PublicationSydney, Australia
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages6
Publication statusAccepted/In press - 24 Sept 2024
Event17th International Conference on Security of Information and Networks (SIN’24) - Sydney, Australia
Duration: 2 Dec 20244 Dec 2024
https://www.sinconf.org/sin2024/

Conference

Conference17th International Conference on Security of Information and Networks (SIN’24)
Abbreviated titleSIN 2024
Country/TerritoryAustralia
CitySydney
Period2/12/244/12/24
Internet address

Fingerprint

Dive into the research topics of 'Unsupervised Learning for Insider Threat Prediction: A Behavioral Analysis Approach'. Together they form a unique fingerprint.

Cite this