Insider threat detection of adaptive optimization DBN for behavior logs

Authors

JIANGE ZHANG
YUE CHEN
ANKANG JU

DOI

10.3906/elk-1706-163

Abstract

For the problems of insider threats such as great harm due to damage and resultant loss, difficulty in extracting abnormal behavior features of insiders because of transparency and concealment, and low detection rate, an insider threat detection model using adaptive optimization DBN for behavior logs is put forward. The model carries out deep learning based on the integrated and normalized behavior logs to fully learn normal and abnormal behavior features of insiders to form optimal representations of the behavior features of insiders. The experimental results show that the multiple-hidden-layer deep learning model can fully learn the behavior features of insiders, improving the detection rate of insider threat. Particularly, the adaptive optimization method of the golden section is better than that using the dichotomy method, which can increase the threat detection rate of the DBN model to 97.872%, with more significant advantages.

Keywords

Behavior logs, adaptive optimization DBN, insider threat detection, golden section

First Page

792

Last Page

802

Recommended Citation

ZHANG, JIANGE; CHEN, YUE; and JU, ANKANG (2018) "Insider threat detection of adaptive optimization DBN for behavior logs," Turkish Journal of Electrical Engineering and Computer Sciences: Vol. 26: No. 2, Article 14. https://doi.org/10.3906/elk-1706-163
Available at: https://journals.tubitak.gov.tr/elektrik/vol26/iss2/14