Abstract
The persistence and growth of insider threats pose a significant challenge to the information security community. Malicious insiders have been identified as one of the most detrimental threats to sensitive data, including the systems of enterprises and government agencies. Detecting insider threats presents a unique set of challenges, including dealing with large and imbalanced datasets and limited availability of ground truth information. Insider threats pose a serious risk to organizations, financial institutions, and government agencies. Former and current employees often exploit their trusted positions to disrupt regular organizational functions or unlawfully disclose classified or confidential information for personal or group gain. These actions can lead to severe financial, reputational, and operational consequences for the affected entities. To address this pressing issue, the research presented in this paper proposes a user-centric approach for insider threat detection. This approach focuses on leveraging download activity logs to analyse and detect patterns associated with insider threats. By examining user behaviours related to downloading activities, valuable insights can be gained, and existing detection techniques can be enhanced. The proposed methodology aims to provide practical solutions for identifying and mitigating potential insider threats within organisations. Among the selected classifiers, RandomTree exhibited the highest accuracy rate of 0.981%, making it the most suitable option for the insider threat detection system. The accuracy rate indicates the overall correctness of the model’s predictions, with a higher value indicating a better performance in classifying instances correctly.
Original language | English |
---|---|
Title of host publication | Advances in Information and Communication |
Subtitle of host publication | Proceedings of the 2024 Future of Information and Communication Conference (FICC), Volume 2 |
Editors | Kohei Arai |
Place of Publication | Switzerland |
Publisher | Springer Science and Business Media Deutschland GmbH |
Pages | 457-472 |
Number of pages | 16 |
Volume | 2 |
ISBN (Electronic) | 9783031539633 |
ISBN (Print) | 9783031539626 |
Publication status | Published - 2024 |
Event | Future of Information and Communication Conference, FICC 2024 - Novotel Berlin Am Tiergarten, Berlin, Germany Duration: 04 Apr 2024 → 05 Apr 2024 https://saiconference.com/Conferences/FICC2024 (Conference website and proceedings) https://saiconference.com/Downloads/FICC2024/Agenda.pdf (Agenda) https://link.springer.com/content/pdf/bfm:978-3-031-53963-3/1 (Front matter) https://www.amazon.com/Advances-Information-Communication-Proceedings-Conference/dp/3031539621 (Presentation evidence) |
Publication series
Name | Lecture Notes in Networks and Systems |
---|---|
Volume | 920 LNNS |
ISSN (Print) | 2367-3370 |
ISSN (Electronic) | 2367-3389 |
Conference
Conference | Future of Information and Communication Conference, FICC 2024 |
---|---|
Country/Territory | Germany |
City | Berlin |
Period | 04/04/24 → 05/04/24 |
Other | The Future of Information and Communication Conference (FICC) 2024, held on April 4-5 in Berlin, Germany, showcased groundbreaking insights from esteemed keynote speakers Mathias Fink, Marios Kountouris, Marcel Worring, and Sören Auer. With 139 paper presentations from a pool of 401 submissions, the event boasted an exceptional acceptance rate, highlighting the rigor of selection. Delegates from 55 countries convened to explore cutting-edge research and trends in information technology and communication. The evening Spree river cruise on April 4 provided a picturesque setting for networking among participants, fostering collaboration and camaraderie. FICC 2024 epitomized global collaboration and innovation in the field. |