CR AI · Sep 6, 2021

Insider Detection using Deep Autoencoder and Variational Autoencoder Neural Networks

arXiv:2109.02568v1 · 6 citations
Originality: Synthesis-oriented
AI Analysis

This addresses insider threat detection for companies and critical infrastructures, but it is incremental as it applies existing deep learning methods to a known dataset.

The paper tackled insider attack detection in cybersecurity by applying deep autoencoder and variational autoencoder models to the CERT dataset, finding that the variational autoencoder achieved the best performance with higher detection accuracy and a reasonable false positive rate.

Insider attacks are one of the most challenging cybersecurity issues for companies, businesses and critical infrastructures. Despite the implemented perimeter defences, the risk of this kind of attack is still very high. In fact, the detection of insider attacks is a very complicated security task and presents a serious challenge to the research community. In this paper, we aim to address this issue by using the deep learning algorithms Autoencoder and Variational Autoencoder. We will especially investigate the usefulness of applying these algorithms to automatically defend against potential internal threats, without human intervention. The effectiveness of these two models is evaluated on the public CERT dataset (CERT r4.2). This version of the CERT Insider Threat Test dataset includes both benign and malicious activities generated from 1000 simulated users. The comparison results with other models show that the Variational Autoencoder neural network provides the best overall performance with a greater detection accuracy and a reasonable false positive rate.
