Towards Validation of Insider Threat Identification Algorithm with Synthetic Data
CEUR Workshop Proceedings. Vol.3698: Joint of 16th International Baltic Conference on Digital Business and Intelligent Systems Conference Forum and Doctoral Consortium 2024
Oksana Ņikiforova, Vitālijs Zabiņako

This paper addresses the challenge of detecting insider threats in cybersecurity by proposing behavior model-driven approaches. It argues that existing datasets are incapable of capturing nuanced user activities accurately and proposes an enhanced dataset generated by a more elegant structure. The paper discusses the evolving threat situations and the need for proactive cybersecurity measures, presents a taxonomy of insiders, and emphasizes the importance of behavior-driven approaches. It mentions the limitations of existing datasets and introduces the proposed data generator structure, explaining its components and implementation logic. The paper illustrates a use case showcasing the application of generated data for insider threat identification. It concludes by stressing the significance of behavior-driven approaches and high-quality datasets in enhancing detection capabilities against insider threats.


Keywords
cyber security; Insider threat identification; machine learning; synthetic dataset generation
Hyperlink
https://ceur-ws.org/Vol-3698/paper5.pdf

Ņikiforova, O., Zabiņako, V. Towards Validation of Insider Threat Identification Algorithm with Synthetic Data. In: CEUR Workshop Proceedings. Vol.3698: Joint of 16th International Baltic Conference on Digital Business and Intelligent Systems Conference Forum and Doctoral Consortium, Lithuania, Vilnius, 30 Jun-3 Jul., 2024. Aachen: RWTH, 2024, pp.48-57. ISSN 1613-0073.

Publication language
English (en)