Insider Threat Detection Using Multi-autoencoder Filtering and Unsupervised Learning

Insider threat detection and investigation are major challenges in digital forensics. Unlike external attackers, insiders have privileges to access resources in their organizations, and violations of normal behavior are difficult to detect.
