Training regime influences to semi-supervised learning for insider threat detection
暂无分享,去创建一个
A malicious insider is one of the most damaging threats to any organization from industry to government agencies. Many challenges from insider threat detection come from the fact that the ground truth is very limited and costly to acquire. This paper presents a semi-supervised learning approach to insider threat detection. We employ three machine learning methods under different real-world conditions. These include obtaining the initial ground truth training data randomly or via a certain type of insider malicious behavior or by anomaly detection system scores. Evaluation results show that the approach allows learning from very limited data for insider threat detection at high precision. 90% of malicious data instances are detected under 1% false positive rate.