Research Output

Insider threat detection using principal component analysis and self-organising map

  An insider threat can take on many aspects. Some employees abuse their positions of trust by disrupting normal operations, while others export valuable or confidential data which can damage the employer's marketing position and reputation. In addition, some just lose their credentials which are then abused in their name. In this paper, we use Principal Component Analysis (PCA) in conjunction with Self-Organising Map (SOM) for insider threat detection within an organisation. The results show that using PCA before SOM increases the clustering accuracy. CCS CONCEPTS • Security and privacy → Intrusion/anomaly detection and malware mitigation → Intrusion detection systems

  • Date:

    13 October 2017

  • Publication Status:

    Published

  • Publisher

    Association for Computing Machinery

  • DOI:

    10.1145/3136825.3136859

  • Library of Congress:

    QA76 Computer software

  • Dewey Decimal Classification:

    005.8 Data security

  • Funders:

    Edinburgh Napier Funded

Citation

Moradpoor, N., Brown, M., & Russell, G. (2017). Insider threat detection using principal component analysis and self-organising map. In 10th International Conference on Security of Information and Networks (SIN 2017)doi:10.1145/3136825.3136859

Authors

Keywords

Insider Threat; Unsupervised Machine Learning; Self-Organising Map; Principal Component Analysis

Monthly Views: