Scientific Reports (Jul 2024)

Detection and prediction of anomalous behaviors of enterprise’s employees based on data-mining and optimization algorithm

  • Xiao Zhang,
  • Yutong Meng

DOI
https://doi.org/10.1038/s41598-024-68315-9
Journal volume & issue
Vol. 14, no. 1
pp. 1 – 13

Abstract

Internal employees have always been at the core of organizational security management challenges. Once an employee exhibits behaviors that threaten the organization, the resulting damage can be profound. Therefore, analyzing reasonably stored behavioral data can equip managers with effective threat monitoring and warning solutions. Through data-mining, a knowledge graph for internal threat data is deduced, and models for detecting anomalous behaviors and predicting resignations are developed. Initially, data-mining is employed to model the knowledge ontology of internal threats and construct the knowledge graph; subsequently, using the behavioral characteristics, the BP neural network is optimized with the Sparrow Search Algorithm (SSA), establishing a detection model for anomalous behaviors (SBP); additionally, behavioral sequences are processed through data feature vectorization. Utilizing SBP, the LSTM network is further optimized, creating a predictive model for employee behaviors (SLSTM); ultimately, SBP detects anomalous behaviors, while SLSTM predicts resignation intentions, thus enhancing detection strategies for at-risk employees. The integration of these models forms a comprehensive threat detection technology within the organization. The efficacy and practicality of detecting anomalous behaviors and predicting resignations using SBP and SLSTM are demonstrated, comparing them with other algorithms and analyzing potential causes of misjudgment. This work has enhanced the detection efficiency and update speed of abnormal employee behaviors, lowered the misjudgment rate, and significantly mitigated the impact of internal threats on the organization.

Keywords