Loading...

Media is loading
 

Paper Type

Complete

Abstract

Insider threat refers to the threat posed to organizations by individuals who have legitimate rights to access the internal system of an organization. It has been found that 27% of electronic crimes were suspected or known to be caused by insiders. Classification methods are usually used to detect insiders. However, as the number of malicious insiders within an organization is usually very small, the data set is highly imbalanced. Most of the classification methods will achieve high accuracy but low recall when dealing with imbalanced data. Autoencoder is a type of deep neural networks and can be used for abnormal detection. In this paper, we propose to use augmented autoencoder to detect insiders. The case study shows that the proposed autoencoder based method can greatly improve both recall and accuracy.

Share

COinS
 
Aug 10th, 12:00 AM

An Autoencoder Based Insider Attack Detection in Imbalanced Data

Insider threat refers to the threat posed to organizations by individuals who have legitimate rights to access the internal system of an organization. It has been found that 27% of electronic crimes were suspected or known to be caused by insiders. Classification methods are usually used to detect insiders. However, as the number of malicious insiders within an organization is usually very small, the data set is highly imbalanced. Most of the classification methods will achieve high accuracy but low recall when dealing with imbalanced data. Autoencoder is a type of deep neural networks and can be used for abnormal detection. In this paper, we propose to use augmented autoencoder to detect insiders. The case study shows that the proposed autoencoder based method can greatly improve both recall and accuracy.

When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.