Title: Insider threat detection and prevention using semantic score and dynamic multi-fuzzy classifier
Authors: Malvika Singh; S. Sangeetha; B.M. Mehtre
Addresses: Institute for Development and Research in Banking Technology, Hyderabad, India; National Institute of Technology, Tiruchirappalli, India | Department of Computer Applications, National Institute of Technology, Tiruchirappalli, India | Institute for Development and Research in Banking Technology, Hyderabad, India
Abstract: Insider threat detection methods are usually based on machine and deep learning techniques. They consider insider threat as an anomaly detection problem. These methods are sophisticated in detection, but they result in high false positives and poor threat detection rates, and they do not prevent malicious insiders. In this paper, an automatic insider threat detection and prevention system is proposed. It involves: data pre-processing for removal of noise; isometric feature mapping to minimise information loss while extracting features from high dimensional space; the emperor penguin algorithm, chosen for its effective exploitation and exploration, for optimum feature selection; semantic score computation using a combination of SentiWordNet and deep-Q-learning; and use of a multi-fuzzy classifier to handle a variety of features in parallel for fast processing. After malicious insiders are detected, further access to organisational resources is denied by performing authentication. The proposed method is tested on the CMU-CERT r4.2 dataset and the results outperform the existing methods.
Keywords: insider threat detection; ITD; user behaviour analysis; anomaly detection; insider threat prevention; ITP; semantic analysis.
DOI: 10.1504/IJAHUC.2023.128490
International Journal of Ad Hoc and Ubiquitous Computing, 2023 Vol.42 No.2, pp.95 - 112
Received: 08 Sep 2021
Accepted: 25 Feb 2022
Published online: 24 Jan 2023