Zhihong Tian
Deep Learning and Dempster-Shafer Theory Based Insider Threat Detection
Tian, Zhihong; Shi, Wei; Tan, Zhiyuan; Qiu, Jing; Sun, Yanbin; Jiang, Feng; Liu, Yan
Authors
Abstract
Organizations' own personnel now have a greater ability than ever before to misuse their access to critical organizational assets. Insider threat detection is a key component in identifying rare anomalies in context, which is a growing concern for many organizations. Existing perimeter security mechanisms are proving to be ineffective against insider threats. As a prospective filter for the human analysts, a new deep learning based insider threat detection method that uses the Dempster-Shafer theory is proposed to handle both accidental as well as intentional insider threats via organization's channels of communication in real time. The long short-term memory (LSTM) architecture is applied to a recurrent neural network (RNN) in this work to detect anomalous network behavior patterns. Furthermore, belief is updated with Dempster's conditional rule and utilized to fuse evidence to achieve enhanced prediction. The CERT Insider Threat Dataset v6.2 is used to train the behavior model. Through performance evaluation, our proposed method is proven to be effective as an insider threat detection technique.
Citation
Tian, Z., Shi, W., Tan, Z., Qiu, J., Sun, Y., Jiang, F., & Liu, Y. (in press). Deep Learning and Dempster-Shafer Theory Based Insider Threat Detection. Mobile Networks and Applications, https://doi.org/10.1007/s11036-020-01656-7
| Journal Article Type | Article |
|---|---|
| Acceptance Date | May 22, 2019 |
| Online Publication Date | Oct 9, 2020 |
| Deposit Date | May 22, 2019 |
| Publicly Available Date | Oct 10, 2021 |
| Journal | Mobile Networks and Applications |
| Print ISSN | 1383-469X |
| Electronic ISSN | 1572-8153 |
| Publisher | Springer |
| Peer Reviewed | Peer Reviewed |
| DOI | https://doi.org/10.1007/s11036-020-01656-7 |
| Keywords | Deep learning, Insider threat, Network security, Recurrent neural networks |
| Public URL | http://researchrepository.napier.ac.uk/Output/1820856 |
Files
Deep Learning and Dempster-Shafer Theory Based Insider Threat Detection
(1.3 Mb)
PDF
Copyright Statement
“This is a post-peer-review, pre-copyedit version of an article published in Mobile Networks and Applications. The final authenticated version is available online at: http://dx.doi.org/[insert DOI]”.
You might also like
Can Federated Models Be Rectified Through Learning Negative Gradients?
(2024)
Conference Proceeding
Machine Un-learning: An Overview of Techniques, Applications, and Future Directions
(2023)
Journal Article
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search