Exploring Feature Normalization and Temporal Information for Machine Learning Based Insider Threat Detection. Ferreira, P., Le, D. C., & Zincir-Heywood, N. In International Conference on Network and Service Management (CNSM 2019), Halifax, Canada, October, 2019.
![Exploring Feature Normalization and Temporal Information for Machine Learning Based Insider Threat Detection [pdf]](https://bibbase.org/img/filetypes/pdf.svg "pdf")
Paper abstract bibtex
Paper abstract bibtex Insider threat is one of the most damaging cybersecurity attacks to companies and organizations. The threats are also hard to detect, largely due to its nature that malicious actions are performed by the insiders. In this paper, we explore different techniques to leverage spatial and temporal characteristics of user behaviours (actions). In particular, feature normalization (scaling) techniques and a scheme for representing explicit temporal information are explored to improve the performance of the machine learning based insider threat detection systems. The obtained results show that these data characteristics have different effects on different insider threat classifiers. This shows a promising future research direction for further analysis of different user behaviours.
@INPROCEEDINGS{Ferreira_cnsm2019,
AUTHOR="Pedro Ferreira and Duc C. Le and Nur Zincir-Heywood",
TITLE="Exploring Feature Normalization and Temporal Information for Machine
Learning Based Insider Threat Detection",
BOOKTITLE="International Conference on Network and Service Management (CNSM 2019)",
ADDRESS="Halifax, Canada",
url_Paper = {http://dl.ifip.org/db/conf/cnsm/cnsm2019/1570566066.pdf},
DAYS=21,
MONTH=oct,
YEAR=2019,
KEYWORDS="Insider Threat Detection; data normalization; temporal information",
ABSTRACT="Insider threat is one of the most damaging cybersecurity attacks to
companies and organizations. The threats are also hard to detect, largely
due to its nature that malicious actions are performed by the insiders. In
this paper, we explore different techniques to leverage spatial and
temporal characteristics of user behaviours (actions). In particular,
feature normalization (scaling) techniques and a scheme for representing
explicit temporal information are explored to improve the performance of
the machine learning based insider threat detection systems. The obtained
results show that these data characteristics have different effects on
different insider threat classifiers. This shows a promising future
research direction for further analysis of different user behaviours."
}Downloads: 0
{"_id":"MofQKortKbHtiCrmX","bibbaseid":"ferreira-le-zincirheywood-exploringfeaturenormalizationandtemporalinformationformachinelearningbasedinsiderthreatdetection-2019","authorIDs":["54xs5YjqNu6xHk29R","5a74da6e50da097644000035","5df8f6b0277e45de01000181","5e23bb7579cb6df20100009d","5e246cfc36283cde01000029","5e2f905648b7a4df01000142","5e3444e10c807ede010000dc","5e3449e20c807ede01000130","5e4360bea37866de01000186","5e4571a449667cde0100017a","5e4d7a9b08a8e5de010001ad","5e6b902f1e8366df0100011a","C98bz68HJ5foxXwYN","HhQMFT7BobpBEHFBD","KgiaN4EuDodDG2bKf","MD2Y99seHKkvJKtMs","NeWeKRD9bbGJ5GC8z","S7Syib2qnK3HDykBn","SMxkccDMtPzyyKcAN","TLgtB22T7Wn7PTGZG","XfnhHssx7qRnaqgGk","Yp7dsRY4LcAsX3N49","cKzt7ZFsitbk3Yqzc","doRBd2QBfq3P4NfvH","gSrTP54evNqY2jCm2","h5A5gmdteNyyHydSH","kMcN5PbYTq3sczEFr","smijjbJmCAJ9HX2aK","ttpzePbKSjjv8JMPj","u6uEpPKZwnPNxTFxA"],"author_short":["Ferreira, P.","Le, D. C.","Zincir-Heywood, N."],"bibdata":{"bibtype":"inproceedings","type":"inproceedings","author":[{"firstnames":["Pedro"],"propositions":[],"lastnames":["Ferreira"],"suffixes":[]},{"firstnames":["Duc","C."],"propositions":[],"lastnames":["Le"],"suffixes":[]},{"firstnames":["Nur"],"propositions":[],"lastnames":["Zincir-Heywood"],"suffixes":[]}],"title":"Exploring Feature Normalization and Temporal Information for Machine Learning Based Insider Threat Detection","booktitle":"International Conference on Network and Service Management (CNSM 2019)","address":"Halifax, Canada","url_paper":"http://dl.ifip.org/db/conf/cnsm/cnsm2019/1570566066.pdf","days":"21","month":"October","year":"2019","keywords":"Insider Threat Detection; data normalization; temporal information","abstract":"Insider threat is one of the most damaging cybersecurity attacks to companies and organizations. The threats are also hard to detect, largely due to its nature that malicious actions are performed by the insiders. In this paper, we explore different techniques to leverage spatial and temporal characteristics of user behaviours (actions). In particular, feature normalization (scaling) techniques and a scheme for representing explicit temporal information are explored to improve the performance of the machine learning based insider threat detection systems. The obtained results show that these data characteristics have different effects on different insider threat classifiers. This shows a promising future research direction for further analysis of different user behaviours.","bibtex":"@INPROCEEDINGS{Ferreira_cnsm2019,\nAUTHOR=\"Pedro Ferreira and Duc C. Le and Nur Zincir-Heywood\",\nTITLE=\"Exploring Feature Normalization and Temporal Information for Machine\nLearning Based Insider Threat Detection\",\nBOOKTITLE=\"International Conference on Network and Service Management (CNSM 2019)\",\nADDRESS=\"Halifax, Canada\",\nurl_Paper = {http://dl.ifip.org/db/conf/cnsm/cnsm2019/1570566066.pdf},\nDAYS=21,\nMONTH=oct,\nYEAR=2019,\nKEYWORDS=\"Insider Threat Detection; data normalization; temporal information\",\nABSTRACT=\"Insider threat is one of the most damaging cybersecurity attacks to\ncompanies and organizations. The threats are also hard to detect, largely\ndue to its nature that malicious actions are performed by the insiders. In\nthis paper, we explore different techniques to leverage spatial and\ntemporal characteristics of user behaviours (actions). In particular,\nfeature normalization (scaling) techniques and a scheme for representing\nexplicit temporal information are explored to improve the performance of\nthe machine learning based insider threat detection systems. The obtained\nresults show that these data characteristics have different effects on\ndifferent insider threat classifiers. This shows a promising future\nresearch direction for further analysis of different user behaviours.\"\n}\n\n","author_short":["Ferreira, P.","Le, D. C.","Zincir-Heywood, N."],"key":"Ferreira_cnsm2019","id":"Ferreira_cnsm2019","bibbaseid":"ferreira-le-zincirheywood-exploringfeaturenormalizationandtemporalinformationformachinelearningbasedinsiderthreatdetection-2019","role":"author","urls":{" paper":"http://dl.ifip.org/db/conf/cnsm/cnsm2019/1570566066.pdf"},"keyword":["Insider Threat Detection; data normalization; temporal information"],"metadata":{"authorlinks":{"le, d":"https://web.cs.dal.ca/"}}},"bibtype":"inproceedings","biburl":"https://web.cs.dal.ca/~lcd/pubs/lcd.bib","creationDate":"2019-10-17T15:18:29.494Z","downloads":0,"keywords":["insider threat detection; data normalization; temporal information"],"search_terms":["exploring","feature","normalization","temporal","information","machine","learning","based","insider","threat","detection","ferreira","le","zincir-heywood"],"title":"Exploring Feature Normalization and Temporal Information for Machine Learning Based Insider Threat Detection","year":2019,"dataSources":["4QJPx5n9LceLztYQz","qov2MJF4DhMZbnA26"]}