Litcius/Paper detail

Handling Insider Threat Through Supervised Machine Learning Techniques

Faisal Janjua, Asif Masood, Haider Abbas, Imran Rashid

2020Procedia Computer Science44 citationsDOIOpen Access PDF

Abstract

Information technology systems face increasing cyber security threats, mostly from insiders. Network security mechanism for insiders are not as strict as for rest. Also insider can easily bypass security or have legitimate access to confidential documents, therefore to detect and prevent insider threat is a growing challenge. The aim of this paper is to implement predictive models that are using linguistic analysis to determine an employee’s risk level computer-mediated communication, particularly emails. The emails log part of the TWOS dataset has been analyzed using supervised machine learning techniques. The data set comprise behavior traces of 24 users observed over 5 days spam. Limited data issue have been addressed by avoiding complex models with many parameters. We have limited their normalization and ability to overfit by using existing pivotal models. The outcomes are collated and contrasted for the following algorithms: Adaboost, Naive Bayes (NB), Logistic Regression (LR), KNN, Linear Regression (LR) and Support Vector Machine (SVM). Among all these algorithms, Adaboost has outperformed with 98.3% Accuracy and 0.983 AUC for identification of malicious emails.

Topics & Concepts

Computer scienceOverfittingMachine learningInsider threatSupport vector machineArtificial intelligenceNaive Bayes classifierAdaBoostInsiderIdentification (biology)Data miningArtificial neural networkBotanyPolitical scienceBiologyLawNetwork Security and Intrusion DetectionSpam and Phishing DetectionInternet Traffic Analysis and Secure E-voting
Handling Insider Threat Through Supervised Machine Learning Techniques | Litcius