Distance Measurement Methods for Improved Insider Threat Detection

Research Output

Insider threats are a considerable problem within cyber security and it is often difficult to detect these threats using signature detection. Increasing machine learning can provide a solution, but these methods often fail to take into account changes of behaviour of users. This work builds on a published method of detecting insider threats and applies Hidden Markov method on a CERT data set (CERT r4.2) and analyses a number of distance vector methods (Damerau–Levenshtein Distance, Cosine Distance, and Jaccard Distance) in order to detect changes of behaviour, which are shown to have success in determining different insider threats.

Type:

Article
Date:

17 January 2018
Publication Status:

Published
DOI:

10.1155/2018/5906368
Cross Ref:

5906368
ISSN:

1939-0114
Library of Congress:

QA75 Electronic computers. Computer science
Dewey Decimal Classification:

005.8 Data security
Funders:

Edinburgh Napier Funded

http://researchrepository.napier.ac.uk/output/1023221 Lo, O., Buchanan, W. J., Griffiths, P., & Macfarlane, R. (2018). Distance Measurement Methods for Improved Insider Threat Detection. Security and Communication Networks, 2018, 1-18. https://doi.org/10.1155/2018/5906368

Citation

Lo, O., Buchanan, W. J., Griffiths, P., & Macfarlane, R. (2018). Distance Measurement Methods for Improved Insider Threat Detection. Security and Communication Networks, 2018, 1-18. https://doi.org/10.1155/2018/5906368

Authors

Dr Owen Lo

Senior Research Fellow
School of Computing Engineering and the Built Environment

O.Lo@napier.ac.uk

Prof Bill Buchanan

Professor
School of Computing Engineering and the Built Environment

0131 455 2759

B.Buchanan@napier.ac.uk

Rich Macfarlane

Associate Professor
School of Computing Engineering and the Built Environment

0131 455 2335

R.Macfarlane@napier.ac.uk

Keywords

Insider threat, distance measurement,

Monthly Views:

Available Documents

pdf

Distance Measurement Methods for Improved Insider Threat Detection

2MB

Copyright © 2018 Owen Lo et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
pdf

Distance Measurement Methods for Improved Insider Threat Detection
File is currently unavailable , please contact b.buchanan@napier.ac.uk to request a copy

989KB

© 2017 Owen Lo et al.This is an open access article distributed under the Creative Commons Attribution License, which
permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Downloadable citations
HTML BIB RTF

Type:

Date:

Publication Status:

DOI:

Cross Ref:

ISSN:

Library of Congress:

Dewey Decimal Classification:

Funders:

Citation

Authors

Dr Owen Lo

Prof Bill Buchanan

Rich Macfarlane

Keywords

Monthly Views:

Distance Measurement Methods for Improved Insider Threat Detection

Distance Measurement Methods for Improved Insider Threat Detection File is currently unavailable , please contact b.buchanan@napier.ac.uk to request a copy

Downloadable citations

Distance Measurement Methods for Improved Insider Threat Detection
File is currently unavailable , please contact b.buchanan@napier.ac.uk to request a copy