Skip to main content

Research Repository

Advanced Search

Deep Learning and Dempster-Shafer Theory Based Insider Threat Detection

Tian, Zhihong; Shi, Wei; Tan, Zhiyuan; Qiu, Jing; Sun, Yanbin; Jiang, Feng; Liu, Yan


Zhihong Tian

Wei Shi

Jing Qiu

Yanbin Sun

Feng Jiang

Yan Liu


Organizations' own personnel now have a greater ability than ever before to misuse their access to critical organizational assets. Insider threat detection is a key component in identifying rare anomalies in context, which is a growing concern for many organizations. Existing perimeter security mechanisms are proving to be ineffective against insider threats. As a prospective filter for the human analysts, a new deep learning based insider threat detection method that uses the Dempster-Shafer theory is proposed to handle both accidental as well as intentional insider threats via organization's channels of communication in real time. The long short-term memory (LSTM) architecture is applied to a recurrent neural network (RNN) in this work to detect anomalous network behavior patterns. Furthermore, belief is updated with Dempster's conditional rule and utilized to fuse evidence to achieve enhanced prediction. The CERT Insider Threat Dataset v6.2 is used to train the behavior model. Through performance evaluation, our proposed method is proven to be effective as an insider threat detection technique.


Tian, Z., Shi, W., Tan, Z., Qiu, J., Sun, Y., Jiang, F., & Liu, Y. (in press). Deep Learning and Dempster-Shafer Theory Based Insider Threat Detection. Mobile Networks and Applications,

Journal Article Type Article
Acceptance Date May 22, 2019
Online Publication Date Oct 9, 2020
Deposit Date May 22, 2019
Publicly Available Date Oct 10, 2021
Journal Mobile Networks and Applications
Print ISSN 1383-469X
Electronic ISSN 1572-8153
Publisher Springer
Peer Reviewed Peer Reviewed
Keywords Deep learning, Insider threat, Network security, Recurrent neural networks
Public URL


Deep Learning and Dempster-Shafer Theory Based Insider Threat Detection (1.3 Mb)

Copyright Statement
“This is a post-peer-review, pre-copyedit version of an article published in Mobile Networks and Applications. The final authenticated version is available online at:[insert DOI]”.

You might also like

Downloadable Citations

Whoops, looks like something went wrong.