Deakin University
Browse

File(s) under permanent embargo

Insider threat detection through attributed graph clustering

conference contribution
posted on 2017-09-11, 00:00 authored by Anagi GamachchiAnagi Gamachchi, S Boztas
While most organizations continue to invest in traditional network defences, a formidable security challenge has been brewing within their own boundaries. Malicious insiders with privileged access in the guise of a trusted source have carried out many attacks causing far reaching damage to financial stability, national security and brand reputation for both public and private sector organizations. Growing exposure and impact of the whistleblower community and concerns about job security with changing organizational dynamics has further aggravated this situation. The unpredictability of malicious attackers, as well as the complexity of malicious actions, necessitates the careful analysis of network, system and user parameters correlated with insider threat problem. Thus it creates a high dimensional, heterogeneous data analysis problem in isolating suspicious users. This research work proposes an insider threat detection framework, which utilizes the attributed graph clustering techniques and outlier ranking mechanism for enterprise users. Empirical results also confirm the effectiveness of the method by achieving the best area under curve value of 0.7648 for the receiver operating characteristic curve.

History

Pagination

112-119

Location

Sydney, N.S.W.

Start date

2017-08-01

End date

2017-08-04

ISBN-13

9781509049059

Language

eng

Publication classification

E Conference publication, E1.1 Full written paper - refereed

Copyright notice

2017, IEEE

Editor/Contributor(s)

[Unknown]

Title of proceedings

Trustcom/BigDataSE/ICESS 2017 : Proceedings of the 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 11th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Conference on Embedded Software and Systems

Event

IEEE Computer Society. Conference (2017 : Sydney, N.S.W.)

Publisher

Institute of the Electrical and Electronics Engineers

Place of publication

Piscataway, N.J.

Series

IEEE Computer Society Conference