Abstract
Cybersecurity attacks can arise from internal and external sources. The attacks perpetrated by internal sources are also referred to as insider threats. These are a cause of serious concern to organizations because of the significant damage that can be inflicted by malicious insiders. In this paper, we propose an approach for insider threat classification which is motivated by the effectiveness of pre-trained deep convolutional neural networks (DCNNs) for image classification. In the proposed approach, we extract features from usage patterns of insiders and represent these features as images. Hence, images are used to represent the resource access patterns of the employees within an organization. After construction of images, we use pre-trained DCNNs for anomaly detection, with the aim to identify malicious insiders. Random under sampling is used for reducing the class imbalance issue. The proposed approach is evaluated using the MobileNetV2, VGG19, and ResNet50 pre-trained models, and a benchmark dataset. Experimental results show that the proposed method is effective and outperforms other state-of-the-art methods.
Highlights
Insider threat is one of the most prevalent cybersecurity threats
The evaluation of the method using Carnegie Mellon University (CMU) CERT Insider Threat dataset achieved an accuracy of 87.79%
CMU CERT data is a benchmark dataset for insider threat detection which has been widely used by researchers to evaluate their proposed methods [11]
Summary
Insider threat is one of the most prevalent cybersecurity threats. It refers to potential attacks perpetrated by trusted employees associated with that organization. The challenge of insider actions is that they might only leave a small footprint in the digital audit data because attackers know precisely how and where sensitive data resides and are aware of the security solutions implemented in the organization. This is why certain insider incidents are not revealed for a prolonged period. We propose an image-based feature representation method to depict the behavioral pattern of the employees in an organization These images are used to detect the anomalous patterns using deep learning models, thereby detecting the insiders.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
