Paper Number
2399
Paper Type
Short
Abstract
Insider threats pose a unique challenge to organizational security. Traditional security measures struggle to distinguish malicious intent from benign behavior, exacerbated by the complexity of organizational data. While machine learning and deep learning offer promise in detecting insider threats, they often lack transparency in decision-making. To address these challenges, this paper introduces a transformer-based insider detection system developed within the Action Design Research framework. Emphasizing iterative development and practical relevance, our approach enhances both detection accuracy and explainability. Following structured stages of Diagnosis, Design, Implementation, and Evolution ensures that the system continually evolves to meet practical security needs, providing clearer insights into the decision-making process behind the detection of insider threats.
Recommended Citation
Zhong, Chen; Pourbehzadi, Motahareh; and Javidi, Giti, "Insider Detection Based on Behavior Sequences: A Transformer Approach" (2024). ICIS 2024 Proceedings. 12.
https://aisel.aisnet.org/icis2024/security/security/12
Insider Detection Based on Behavior Sequences: A Transformer Approach
Comments
06-Security