Title :
Supervised Learning for Insider Threat Detection Using Stream Mining
Author :
Parveen, Pallabi ; Weger, Zackary R. ; Thuraisingham, Bhavani ; Hamlen, Kevin ; Khan, Latifur
Author_Institution :
Dept. of Comput. Sci., Univ. of Texas at Dallas, Dallas, TX, USA
Abstract :
Insider threat detection requires the identification of rare anomalies in contexts where evolving behaviors tend to mask such anomalies. This paper proposes and tests an ensemble-based stream mining algorithm based on supervised learning that addresses this challenge by maintaining an evolving collection of multiple models to classify dynamic data streams of unbounded length. The result is a classifier that exhibits substantially increased classification accuracy for real insider threat streams relative to traditional supervised learning (traditional SVM and one-class SVM) and other single-model approaches.
Keywords :
computer crime; data mining; identification; learning (artificial intelligence); pattern classification; classification accuracy; dynamic data stream classification; ensemble-based stream mining algorithm; insider threat detection; single-model approach; supervised learning; Data models; Feature extraction; Predictive models; Supervised learning; Support vector machines; Training; Training data; anomaly detection; ensemble; insider threat; support vector machine;
Conference_Titel :
Tools with Artificial Intelligence (ICTAI), 2011 23rd IEEE International Conference on
Conference_Location :
Boca Raton, FL
Print_ISBN :
978-1-4577-2068-0
Electronic_ISBN :
1082-3409
DOI :
10.1109/ICTAI.2011.176