Malicious insider threat detection using variation of sampling methods for anomaly detection in cloud environment. (January 2023)
- Record Type:
- Journal Article
- Title:
- Malicious insider threat detection using variation of sampling methods for anomaly detection in cloud environment. (January 2023)
- Main Title:
- Malicious insider threat detection using variation of sampling methods for anomaly detection in cloud environment
- Authors:
- S, Asha
D, Shanmugapriya
G, Padmavathi
- Abstract:
- Machine learning (ML) techniques have currently been exploited for malicious insider threat (MIT) detection. The data variation between malicious and genuine users influences the ML model to misinterpret a malicious insider. Hence, the class imbalance problem (CIP) remains a challenging one. Regardless of the CIP in MIT detection, past research has a significant shortfall in deploying diverse sampling methods, i.e., undersampling and oversampling approaches. This study proposed a novel double-layer architecture for MIT detection. The initial layer involves integration, transformation, and sampling system of data. In the sampling system, an efficient sampling approach is adopted to depreciate CIP among eight sampling techniques, depending on the performance of support vector machine (SVM) classifier. Nearmiss2 (NM-2) excels and is considered an optimal sampling technique. In the second layer, sampled data of NM-2 is employed in an anomalous MIT detection model using various anomaly detection techniques and evaluated with performance metrics. The main focus is to validate the solution for CIP in anomaly detection techniques with previous research. The proposed double-layer architecture with NM-2 and One-class SVM obtained recall and f-score of 100% and 78.72%. In contrast, it exhibits an accuracy of 82.46%, with a reasonable detection rate for MIT detection.
- Is Part Of:
- Computers & electrical engineering. Volume 105(2023)
- Journal:
- Computers & electrical engineering
- Issue:
- Volume 105(2023)
- Issue Display:
- Volume 105, Issue 2023 (2023)
- Year:
- 2023
- Volume:
- 105
- Issue:
- 2023
- Issue Sort Value:
- 2023-0105-2023-0000
- Page Start:
- Page End:
- Publication Date:
- 2023-01
- Subjects:
- Anomaly detection -- Cloud security -- Malicious insider -- Machine learning -- Performance evaluation -- Sampling techniques
Computer engineering -- Periodicals
Electrical engineering -- Periodicals
Electrical engineering -- Data processing -- Periodicals
Ordinateurs -- Conception et construction -- Périodiques
Électrotechnique -- Périodiques
Électrotechnique -- Informatique -- Périodiques
Computer engineering
Electrical engineering
Electrical engineering -- Data processing
Periodicals
Electronic journals
621.302854
- Journal URLs:
- http://www.sciencedirect.com/science/journal/00457906/
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.compeleceng.2022.108519
- Languages:
- English
- ISSNs:
- 0045-7906
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.680000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 25029.xml