Outlier Detection in Random Subspaces over Data Streams: An Approach for Insider Threat Detection
Haidar, Diana and Gaber, Mohamed Medhat (2017) Outlier Detection in Random Subspaces over Data Streams: An Approach for Insider Threat Detection. The Specialist Group on Artificial Intelligence Expert Update, 17 (2). ISSN 1465 4091
Text: dsm_dianahaidar.pdf - Accepted Version (267kB)
Abstract
Insider threat detection is an emergent concern for industries and governments due to the growing number of attacks in recent years. Several Machine Learning (ML) approaches have been developed to detect insider threats; however, they still suffer from a high number of false alarms. None of those approaches addressed the insider threat problem from the perspective of stream mining data where a concept drift or an outlier is an indication of an insider threat. An outlier refers to anomalous behaviour that deviates from the normal baseline of the community's behaviour and is the focus of this paper. To address the shortcoming of existing approaches and realise a novel solution to the problem, we present the RandSubOut (Random Subspace Outliers) approach for insider threat detection over real-time data streaming. RandSubOut allows the detection of insider threats represented as localised outliers in random feature subspaces, which would not be detected over the whole feature space, due to dimensionality. We evaluated the presented approach as an ensemble of established distance-based outlier detection methods, namely, Micro-cluster-based Continuous Outlier Detection (MCOD) and Anytime OUTlier detection (AnyOut), according to evaluation measures including True Positive (TP) and False Positive (FP).
Item Type: | Article |
---|---|
Dates: | October 2016 (Accepted); 2017 (Published) |
Subjects: | CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science |
Divisions: | Faculty of Computing, Engineering and the Built Environment; Faculty of Computing, Engineering and the Built Environment > College of Computing |
Depositing User: | Ian Mcdonald |
Date Deposited: | 11 Jan 2017 14:23 |
Last Modified: | 22 Mar 2023 12:01 |
URI: | https://www.open-access.bcu.ac.uk/id/eprint/3802 |