IJCATR Volume 13 Issue 10

A Theory-Based Deep Learning Approach for Insider Threat Detection and Classification

Everleen Nekesa Wanyonyi, Newton Wafula Masinde, Silvance Onyango Abeka
10.7753/IJCATR1310.1004
Keywords: Insider; threat detection; theory-based; information security; deep learning; Gated Recurrent Unit; network behavior

Insider threats are a substantial concern to organizational security, often leading to grave financial and reputational damage. Classical insider threat detection methods rely on predefined rules and signatures and struggle to keep pace with the sophisticated and evolving nature of these attacks, leading to poor performance. This research introduces a deep learning-based approach for insider threat detection that uses user network behavior as the primary data source. Our approach detects deviations in user network activity that might indicate harmful insider activity. We use a Gated Recurrent Unit (GRU) network that captures the temporal and spatial characteristics of user behavior. The proposed model is validated on the synthetic CERT r4.2 dataset and exhibits higher detection rates in terms of accuracy, recall, precision, and F-measure. Additionally, the Social Bond Theory (SBT) and the Situational Crime Prevention Theory (SCPT) are used to elaborate effective ways to control insider threats. This study also presents solutions for the dataset imbalance and high dimensionality that hinder common insider threat datasets from yielding accurate predictions during model training and validation. Our findings show that deep learning and data preprocessing approaches can considerably improve the ability to detect insider threats, giving organizations a reliable defense mechanism against them.
@article{e13102024ijcatr13101004,
  title   = "A Theory-Based Deep Learning Approach for Insider Threat Detection and Classification",
  journal = "International Journal of Computer Applications Technology and Research (IJCATR)",
  volume  = "13",
  number  = "10",
  pages   = "52 - 61",
  year    = "2024",
  author  = "Everleen Nekesa Wanyonyi and Newton Wafula Masinde and Silvance Onyango Abeka"
}
  • Advances a more accurate proactive tool for monitoring user network behavior to detect threats.
  • Contributes to information security theory.
  • Catalyzes multidisciplinary research by integrating concepts from various fields to solve the insider threat problem.
  • Enhances the defense-in-depth strategy to encompass users, improving the theoretical basis of security models.