Detecting Insider Threat from Behavioral Logs Based on Ensemble and Self-Supervised Learning
Author(s) - Chunrui Zhang, Shen Wang, Dechen Zhan, Tingyue Yu, Tiangang Wang, Mingyong Yin
Publication year - 2021
Publication title - Security and Communication Networks
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.446
H-Index - 43
eISSN - 1939-0114
pISSN - 1939-0122
DOI - 10.1155/2021/4148441
Subject(s) - computer science, insider threat, insider, machine learning, artificial intelligence, ensemble learning, supervised learning, representation (politics), limit (mathematics), pattern recognition (psychology), artificial neural network, mathematical analysis, mathematics, politics, political science, law
Recent studies have highlighted that insider threats are more destructive than external network threats. Despite many research studies on this, the spatial heterogeneity and sample imbalance of input features still limit the effectiveness of existing machine learning-based detection methods. To solve this problem, we propose a supervised insider threat detection method based on ensemble learning and self-supervised learning. Moreover, we propose an entity representation method based on TF-IDF to improve the detection effect. Experimental results show that the proposed method can effectively detect malicious sessions in CERT4.2 and CERT6.2 datasets, where the AUCs are 99.2% and 95.3% in the best case.