In International Conference on Network and Service Management (CNSM 2019), Halifax, Canada, October, 2019. Paper abstract bibtex
Insider threat is one of the most damaging cybersecurity attacks to companies and organizations. The threats are also hard to detect, largely due to its nature that malicious actions are performed by the insiders. In this paper, we explore different techniques to leverage spatial and temporal characteristics of user behaviours (actions). In particular, feature normalization (scaling) techniques and a scheme for representing explicit temporal information are explored to improve the performance of the machine learning based insider threat detection systems. The obtained results show that these data characteristics have different effects on different insider threat classifiers. This shows a promising future research direction for further analysis of different user behaviours.