For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Against Insider Threats with Hybrid Anomaly Detection with Local-Feature Autoencoder and Global Statistics (LAGS)
Minhae JANG Yeonseung RYU Jik-Soo KIM Minkyoung CHO
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2020/04/01
Online ISSN: 1745-1361
Type of Manuscript: LETTER
Category: Dependable Computing
abnormal detection, sequence-to-sequence learning, autoencoder, reconstruction error,
Full Text: PDF>>
Internal user threats such as information leakage or system destruction can cause significant damage to the organization, however it is very difficult to prevent or detect this attack in advance. In this paper, we propose an anomaly-based insider threat detection method with local features and global statistics over the assumption that a user shows different patterns from regular behaviors during harmful actions. We experimentally show that our detection mechanism can achieve superior performance compared to the state of the art approaches for CMU CERT dataset.