Distance Measurement Methods for Improved Insider Threat Detection

Bibliographic details
Published in: Security and communication networks 2018-01, Vol.2018 (2018), p.1-18
Main authors: Macfarlane, Richard, Griffiths, Paul, Buchanan, William J., Lo, Owen
Format: Article
Language: eng
Description
Summary: Insider threats are a considerable problem within cyber security and it is often difficult to detect these threats using signature detection. Increasing machine learning can provide a solution, but these methods often fail to take into account changes of behaviour of users. This work builds on a published method of detecting insider threats and applies Hidden Markov method on a CERT data set (CERT r4.2) and analyses a number of distance vector methods (Damerau–Levenshtein Distance, Cosine Distance, and Jaccard Distance) in order to detect changes of behaviour, which are shown to have success in determining different insider threats.
ISSN: 1939-0114, 1939-0122
DOI: 10.1155/2018/5906368