Insider threat detection using principal component analysis and self-organising map

Research Output

An insider threat can take on many aspects. Some employees abuse their positions of trust by disrupting normal operations, while others export valuable or confidential data which can damage the employer's marketing position and reputation. In addition, some just lose their credentials which are then abused in their name. In this paper, we use Principal Component Analysis (PCA) in conjunction with Self-Organising Map (SOM) for insider threat detection within an organisation. The results show that using PCA before SOM increases the clustering accuracy. CCS CONCEPTS • Security and privacy → Intrusion/anomaly detection and malware mitigation → Intrusion detection systems

Date:

13 October 2017
Publication Status:

Published
Publisher

Association for Computing Machinery
DOI:

10.1145/3136825.3136859
Library of Congress:

QA76 Computer software
Dewey Decimal Classification:

005.8 Data security
Funders:

Edinburgh Napier Funded

http://researchrepository.napier.ac.uk/output/982950 <p>Moradpoor, N., Brown, M., & Russell, G. (2017). Insider threat detection using principal component analysis and self-organising map. In <i>10th International Conference on Security of Information and Networks (SIN 2017)</i>https://doi.org/10.1145/3136825.3136859</p>

Citation

Moradpoor, N., Brown, M., & Russell, G. (2017). Insider threat detection using principal component analysis and self-organising map. In 10th International Conference on Security of Information and Networks (SIN 2017)https://doi.org/10.1145/3136825.3136859

Authors

insider threat detection using principal component analysis and self organising map 1

Dr Naghmeh Moradpoor Sheykhkanloo

Lecturer
School of Computing Engineering and the Built Environment

0131 455 2596

N.Moradpoor@napier.ac.uk

Dr Gordon Russell

Associate Professor
School of Computing Engineering and the Built Environment

0131 455 2754

G.Russell@napier.ac.uk

Keywords

Insider Threat; Unsupervised Machine Learning; Self-Organising Map; Principal Component Analysis

Monthly Views:

Available Documents

pdf

Insider Threat Detection Using Principal Component Analysis and Self-Organising Map

484KB

© Naghmeh Moradpoor | ACM 2017. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Proceedings of 10th International Conference on Security of Information and Networks (SIN 2017), ISBN 978-1-4503-5303-8/17/10 http://dx.doi.org/10.1145/3136825.3136859
Downloadable citations
HTML BIB RTF

Date:

Publication Status:

Publisher

DOI:

Library of Congress:

Dewey Decimal Classification:

Funders: