Machine learning based Insider Threat Modelling and Detection. Le, D. C. & Zincir-Heywood, A. N. In IFIP/IEEE International Symposium on Integrated Network Management, Washington DC, USA, April, 2019.
Abstract: Recently, malicious insider attacks represent one of the most damaging threats to companies and government agencies. This paper proposes a new framework in constructing a user-centered machine learning based insider threat detection system on multiple data granularity levels. System evaluations and analysis are performed not only on individual data instances but also on normal and malicious insiders, where insider scenario specific results and delay in detection are reported and discussed. Our results show that the machine learning based detection system can learn from limited ground truth and detect new malicious insiders with a high accuracy.
% Conference paper on user-centred, machine-learning-based insider threat
% detection, evaluated per data instance and per user (see the abstract field).
% url_paper is not a standard BibTeX field, so standard styles will not print it.
% The paper link is plain http, so the PDF is fetched without transport integrity.
@inproceedings{Le_dissect2019,
  author    = {Le, Duc C. and Zincir-Heywood, A. Nur},
  title     = {Machine learning based Insider Threat Modelling and Detection},
  booktitle = {IFIP/IEEE International Symposium on Integrated Network Management},
  address   = {Washington DC, USA},
  month     = apr,
  year      = {2019},
  abstract  = {Recently, malicious insider attacks represent one of the most damaging threats to companies and government agencies. This paper proposes a new framework in constructing a user-centered machine learning based insider threat detection system on multiple data granularity levels. System evaluations and analysis are performed not only on individual data instances but also on normal and malicious insiders, where insider scenario specific results and delay in detection are reported and discussed. Our results show that the machine learning based detection system can learn from limited ground truth and detect new malicious insiders with a high accuracy.},
  url_paper = {http://dl.ifip.org/db/conf/im/im2019-ws2-dissect/191805.pdf},
}
{"_id":"SjSRpvmmk6NMqbvcy","bibbaseid":"le-zincirheywood-machinelearningbasedinsiderthreatmodellinganddetection-2019","downloads":2,"creationDate":"2019-04-08T18:58:56.898Z","title":"Machine learning based Insider Threat Modelling and Detection","author_short":["Le, D. C.","Zincir-Heywood, A. N."],"year":2019,"bibtype":"inproceedings","biburl":"https://web.cs.dal.ca/~lcd/pubs/lcd.bib","bibdata":{"bibtype":"inproceedings","type":"inproceedings","abstract":"Recently, malicious insider attacks represent one of the most damaging threats to companies and government agencies. This paper proposes a new framework in constructing a user-centered machine learning based insider threat detection system on multiple data granularity levels. System evaluations and analysis are performed not only on individual data instances but also on normal and malicious insiders, where insider scenario specific results and delay in detection are reported and discussed. Our results show that the machine learning based detection system can learn from limited ground truth and detect new malicious insiders with a high accuracy.","author":[{"propositions":[],"lastnames":["Le"],"firstnames":["Duc","C."],"suffixes":[]},{"propositions":[],"lastnames":["Zincir-Heywood"],"firstnames":["A.","Nur"],"suffixes":[]}],"booktitle":"IFIP/IEEE International Symposium on Integrated Network Management","title":"Machine learning based Insider Threat Modelling and Detection","year":"2019","month":"April","address":"Washington DC, USA","url_paper":"http://dl.ifip.org/db/conf/im/im2019-ws2-dissect/191805.pdf","bibtex":"@inproceedings{Le_dissect2019,\nabstract = {Recently, malicious insider attacks represent one of the most damaging threats to companies and government agencies. This paper proposes a new framework in constructing a user-centered machine learning based insider threat detection system on multiple data granularity levels. 
System evaluations and analysis are performed not only on individual data instances but also on normal and malicious insiders, where insider scenario specific results and delay in detection are reported and discussed. Our results show that the machine learning based detection system can learn from limited ground truth and detect new malicious insiders with a high accuracy.},\nauthor = {Le, Duc C. and Zincir-Heywood, A. Nur},\nbooktitle={IFIP/IEEE International Symposium on Integrated Network Management}, \ntitle={Machine learning based Insider Threat Modelling and Detection}, \nyear={2019},\nmonth=apr,\naddress = {Washington DC, USA},\nurl_paper = {http://dl.ifip.org/db/conf/im/im2019-ws2-dissect/191805.pdf}\n}\n\n","author_short":["Le, D. C.","Zincir-Heywood, A. N."],"key":"Le_dissect2019","id":"Le_dissect2019","bibbaseid":"le-zincirheywood-machinelearningbasedinsiderthreatmodellinganddetection-2019","role":"author","urls":{" paper":"http://dl.ifip.org/db/conf/im/im2019-ws2-dissect/191805.pdf"},"metadata":{"authorlinks":{"le, d":"https://web.cs.dal.ca/~lcd/"}},"downloads":2,"html":""},"search_terms":["machine","learning","based","insider","threat","modelling","detection","le","zincir-heywood"],"keywords":[],"authorIDs":["54xs5YjqNu6xHk29R","5a74da6e50da097644000035","5df8f6b0277e45de01000181","5e23bb7579cb6df20100009d","5e246cfc36283cde01000029","5e2f905648b7a4df01000142","5e3444e10c807ede010000dc","5e3449e20c807ede01000130","5e4360bea37866de01000186","5e4571a449667cde0100017a","5e4d7a9b08a8e5de010001ad","5e6b902f1e8366df0100011a","C98bz68HJ5foxXwYN","HhQMFT7BobpBEHFBD","KgiaN4EuDodDG2bKf","MD2Y99seHKkvJKtMs","NeWeKRD9bbGJ5GC8z","S7Syib2qnK3HDykBn","SMxkccDMtPzyyKcAN","TLgtB22T7Wn7PTGZG","XfnhHssx7qRnaqgGk","Yp7dsRY4LcAsX3N49","cKzt7ZFsitbk3Yqzc","doRBd2QBfq3P4NfvH","gSrTP54evNqY2jCm2","h5A5gmdteNyyHydSH","kMcN5PbYTq3sczEFr","smijjbJmCAJ9HX2aK","ttpzePbKSjjv8JMPj","u6uEpPKZwnPNxTFxA"],"dataSources":["4QJPx5n9LceLztYQz","qov2MJF4DhMZbnA26"]}