Insider threat detection is a very important problem requiring critical attention. This chapter presents a number of approaches to detecting insider threats through augmented unsupervised and supervised learning techniques on evolving streams. We have considered both sequence and nonsequence stream data.
The supervised learning approach to insider threat detection outperformed the unsupervised learning approach. The supervised method succeeded in identifying all 12 anomalies in the 1998 Lincoln Laboratory Intrusion Detection dataset with zero false negatives (FN) and a lower false positive (FP) rate than the unsupervised approach.
For unsupervised learning, graph-based ...
Get Big Data Analytics with Applications in Insider Threat Detection now with the O’Reilly learning platform.