Title :
Insider Threat Detection Using Stream Mining and Graph Mining
Author :
Parveen, Pallabi ; Evans, Jonathan ; Thuraisingham, Bhavani ; Hamlen, Kevin W. ; Khan, Latifur
Author_Institution :
Dept. of Comput. Sci., Univ. of Texas at Dallas, Dallas, TX, USA
Abstract :
Evidence of malicious insider activity is often buried within large data streams, such as system logs accumulated over months or years. Ensemble-based stream mining leverages multiple classification models to achieve highly accurate anomaly detection in such streams even when the stream is unbounded, evolving, and unlabeled. This makes the approach effective for identifying insider threats who attempt to conceal their activities by varying their behaviors over time. This paper applies ensemble-based stream mining, unsupervised learning, and graph-based anomaly detection to the problem of insider threat detection, demonstrating that the ensemble-based approach is significantly more effective than traditional single-model methods.
Keywords :
data mining; graph theory; pattern classification; security of data; unsupervised learning; classification models; ensemble-based stream mining; graph mining; graph-based anomaly detection; insider threat detection; malicious insider activity; single-model methods; unsupervised learning; Conferences; Privacy; Security; Social network services; anomaly detection; ensemble; graph-based; insider threat;
Conference_Titel :
Privacy, Security, Risk and Trust (PASSAT) and 2011 IEEE Third Inernational Conference on Social Computing (SocialCom), 2011 IEEE Third International Conference on
Conference_Location :
Boston, MA
Print_ISBN :
978-1-4577-1931-8
DOI :
10.1109/PASSAT/SocialCom.2011.211
