TY - JOUR
T1 - An Integrated Imbalanced Learning and Deep Neural Network Model for Insider Threat Detection
AU - Nasser Al-Mhiqani, Mohammed
AU - Ahmed, Rabiah
AU - Zainal Abidin, Z. A.
AU - Isnin, S. N.
N1 - Funding Information:
Thank you to Research Group of Information Security Forensics and Computer Networking, Center for Advanced Computing Technology (C-ACT), Fakulti Teknologi Maklumat dan Komunikasi, Universiti Teknikal Malaysia Melaka (UTeM). This project is funded by the Ministry of Higher Education Malaysia under the Transdisciplinary Research Grant Scheme (TRGS) with project Number TRGS/1/2016/ UTEM/01/3. Its reference is TRGS/1/2016/FTMK-CACT/01/D00006.
Funding Information:
Thank you to Research Group of Information Security Forensics and Computer Networking, Center for Advanced Computing Technology (C-ACT), Fakulti Teknologi Maklumat dan Komunikasi, Universiti Teknikal Malaysia Melaka (UTeM). This project is funded by the Ministry of Higher Education Malaysia under the Transdisciplinary Research Grant Scheme (TRGS) with project Number TRGS/1/2016/ UTEM/01/3. Its reference is TRGS/1/2016/FTMKCACT/ 01/D00006.
Publisher Copyright:
© 2021. All rights reserved.
PY - 2021/1/1
Y1 - 2021/1/1
N2 - The insider threat is a vital security problem concern in both the private and public sectors. A lot of approaches available for detecting and mitigating insider threats. However, the implementation of an effective system for insider threats detection is still a challenging task. In previous work, the Machine Learning (ML) technique was proposed in the insider threats detection domain since it has a promising solution for a better detection mechanism. Nonetheless, the (ML) techniques could be biased and less accurate when the dataset used is hugely imbalanced. Therefore, in this article, an integrated insider threat detection is named (AD-DNN), which is an integration of adaptive synthetic technique (ADASYN) sampling approach and deep neural network technique (DNN). In the proposed model (AD-DNN), the adaptive synthetic (ADASYN) is used to solve the imbalanced data issue and the deep neural network (DNN) for insider threat detection. The proposed model uses the CERT dataset for the evaluation process. The experimental results show that the proposed integrated model improves the overall detection performance of insider threats. A significant impact on the accuracy performance brings a better solution in the proposed model compared with the current insider threats detection system.
AB - The insider threat is a vital security problem concern in both the private and public sectors. A lot of approaches available for detecting and mitigating insider threats. However, the implementation of an effective system for insider threats detection is still a challenging task. In previous work, the Machine Learning (ML) technique was proposed in the insider threats detection domain since it has a promising solution for a better detection mechanism. Nonetheless, the (ML) techniques could be biased and less accurate when the dataset used is hugely imbalanced. Therefore, in this article, an integrated insider threat detection is named (AD-DNN), which is an integration of adaptive synthetic technique (ADASYN) sampling approach and deep neural network technique (DNN). In the proposed model (AD-DNN), the adaptive synthetic (ADASYN) is used to solve the imbalanced data issue and the deep neural network (DNN) for insider threat detection. The proposed model uses the CERT dataset for the evaluation process. The experimental results show that the proposed integrated model improves the overall detection performance of insider threats. A significant impact on the accuracy performance brings a better solution in the proposed model compared with the current insider threats detection system.
KW - deep learning
KW - imbalanced data
KW - insider threat
KW - insider threats detection
KW - machine learning
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85100426593&partnerID=8YFLogxK
U2 - 10.14569/IJACSA.2021.0120166
DO - 10.14569/IJACSA.2021.0120166
M3 - Article
AN - SCOPUS:85100426593
VL - 12
SP - 573
EP - 577
JO - International Journal of Advanced Computer Science and Applications
JF - International Journal of Advanced Computer Science and Applications
SN - 2158-107X
IS - 1
M1 - 66
ER -