A Review of Recent Advances, Challenges and Opportunities in Malicious Insider Threat Detection using Machine Learning Methods

Bibliographic details
Published in: IEEE access 2024-01, Vol.12, p.1-1
Main authors: Alzaabi, Fatima Rashed; Mehmood, Abid
Format: Article
Language: eng
Description
Summary: Insider threat detection has become a paramount concern in modern times where organizations strive to safeguard their sensitive information and critical assets from malicious actions by individuals with privileged access. This survey paper provides a comprehensive overview of insider threat detection, highlighting its significance in the current landscape of cybersecurity. The review encompasses a broad spectrum of methodologies and techniques, with a particular focus on classical machine-learning approaches and their limitations in effectively addressing the intricacies of insider threats. Furthermore, the survey explores the utilization of modern deep learning and natural language processing (NLP) based methods as promising alternatives, shedding light on their advantages over traditional methods. This analysis underscores the need for sophisticated solutions that can adapt to evolving threat landscapes and accommodate the intricacies of human behavior. In the conclusion section, the paper offers valuable insights into the future directions of insider threat detection. It advocates for the integration of more sophisticated time-series-based techniques, recognizing the importance of temporal patterns in insider threat behaviors. Additionally, the survey underscores the potential of NLP and large language model-based approaches, which can enhance threat detection by deciphering textual and contextual information. These recommendations reflect the evolving nature of insider threats and emphasize the need for proactive, data-driven strategies to safeguard organizations against internal security breaches. In conclusion, this survey not only underscores the urgency of addressing insider threats but also provides a roadmap for the adoption of advanced methodologies to enhance detection and mitigation capabilities in contemporary cybersecurity paradigms.
ISSN: 2169-3536
DOI: 10.1109/ACCESS.2024.3369906