Internal user threats such as information leakage or system destruction can cause significant damage to the organization, however it is very difficult to prevent or detect this attack in advance. In this paper, we propose an anomaly-based insider threat detection method with local features and global statistics over the assumption that a user shows different patterns from regular behaviors during harmful actions. We experimentally show that our detection mechanism can achieve superior performance compared to the state of the art approaches for CMU CERT dataset.
Minhae JANG
KEPCO Research Institute
Yeonseung RYU
Myongji University
Jik-Soo KIM
Myongji University
Minkyoung CHO
Myongji University
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Minhae JANG, Yeonseung RYU, Jik-Soo KIM, Minkyoung CHO, "Against Insider Threats with Hybrid Anomaly Detection with Local-Feature Autoencoder and Global Statistics (LAGS)" in IEICE TRANSACTIONS on Information,
vol. E103-D, no. 4, pp. 888-891, April 2020, doi: 10.1587/transinf.2019EDL8180.
Abstract: Internal user threats such as information leakage or system destruction can cause significant damage to the organization, however it is very difficult to prevent or detect this attack in advance. In this paper, we propose an anomaly-based insider threat detection method with local features and global statistics over the assumption that a user shows different patterns from regular behaviors during harmful actions. We experimentally show that our detection mechanism can achieve superior performance compared to the state of the art approaches for CMU CERT dataset.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2019EDL8180/_p
Copy
@ARTICLE{e103-d_4_888,
author={Minhae JANG, Yeonseung RYU, Jik-Soo KIM, Minkyoung CHO, },
journal={IEICE TRANSACTIONS on Information},
title={Against Insider Threats with Hybrid Anomaly Detection with Local-Feature Autoencoder and Global Statistics (LAGS)},
year={2020},
volume={E103-D},
number={4},
pages={888-891},
abstract={Internal user threats such as information leakage or system destruction can cause significant damage to the organization, however it is very difficult to prevent or detect this attack in advance. In this paper, we propose an anomaly-based insider threat detection method with local features and global statistics over the assumption that a user shows different patterns from regular behaviors during harmful actions. We experimentally show that our detection mechanism can achieve superior performance compared to the state of the art approaches for CMU CERT dataset.},
keywords={},
doi={10.1587/transinf.2019EDL8180},
ISSN={1745-1361},
month={April},}
Copy
TY - JOUR
TI - Against Insider Threats with Hybrid Anomaly Detection with Local-Feature Autoencoder and Global Statistics (LAGS)
T2 - IEICE TRANSACTIONS on Information
SP - 888
EP - 891
AU - Minhae JANG
AU - Yeonseung RYU
AU - Jik-Soo KIM
AU - Minkyoung CHO
PY - 2020
DO - 10.1587/transinf.2019EDL8180
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E103-D
IS - 4
JA - IEICE TRANSACTIONS on Information
Y1 - April 2020
AB - Internal user threats such as information leakage or system destruction can cause significant damage to the organization, however it is very difficult to prevent or detect this attack in advance. In this paper, we propose an anomaly-based insider threat detection method with local features and global statistics over the assumption that a user shows different patterns from regular behaviors during harmful actions. We experimentally show that our detection mechanism can achieve superior performance compared to the state of the art approaches for CMU CERT dataset.
ER -