IEEE Access (Jan 2024)

Mitigating Insider Threat: A Neural Network Approach for Enhanced Security

  • P. Lavanya,
  • H. Anila Glory,
  • V. S. Shankar Sriram

DOI
https://doi.org/10.1109/ACCESS.2024.3404814
Journal volume & issue
Vol. 12
pp. 73752 – 73768

Abstract

Detecting insider threats is the foremost challenge in many institutions because of the abnormal behavior of legitimate access and network crawling in the Internet of Things (IoT) environment. The insider activities of the institution’s data are submerged in many regular activities, leading to a data imbalance problem. Existing insider threat detection techniques often fail to address the data imbalance problem in the insider threat data of IoT-enabled institutions, thereby causing deterioration in detection performance. Thus, this paper presents a novel Enhanced Bidirectional Generative Adversarial Network (EBiGAN) for adversarial sample generation and a Deep Neural Network (DNN) with the Probability of Improvement (PI) acquisition function of Bayesian optimization to detect insiders in IoT-enabled institutions. The proposed model involves three modules: (1) improved PCA for extracting user functionality samples and outlier estimators of k-means for grouping scenario-based user functional data; (2) a Bidirectional GAN with an additional discriminator to ensure the quality of the generated samples; and (3) the PI acquisition function of Bayesian optimization for tuning the hyperparameter to improve the performance of the DNN model for insider threat detection to secure IoT-enabled institutions. The performance of the Enhanced BiGAN and DNN-PI was evaluated using a benchmark institutional dataset. The experimental results show that the proposed model identifies the suspicious behavior of insiders with a high detection rate and minimal false alarm rate in an IoT infrastructure.
