Advanced insider threat detection model to apply periodic work atmosphere
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Oh, Junhyoung | - |
dc.contributor.author | Kim, Tae Ho | - |
dc.contributor.author | Lee, Kyung Ho | - |
dc.date.accessioned | 2021-09-01T17:10:46Z | - |
dc.date.available | 2021-09-01T17:10:46Z | - |
dc.date.created | 2021-06-19 | - |
dc.date.issued | 2019-03-31 | - |
dc.identifier.issn | 1976-7277 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/66586 | - |
dc.description.abstract | We developed an insider threat detection model to be used by organizations that repeat tasks at regular intervals. The model identifies the best combination of different feature selection algorithms, unsupervised learning algorithms, and standard scores. We derive a model specifically optimized for the organization by evaluating each combination in terms of accuracy, AUC (Area Under the Curve), and TPR (True Positive Rate). In order to validate this model, a four-year log was applied to the system handling sensitive information from public institutions. In the research target system, the user log was analyzed monthly based on the fact that the business process is processed at a cycle of one year, and the roles are determined for each person in charge. In order to classify the behavior of a user as abnormal, the standard scores of each organization were calculated and classified as abnormal when they exceeded certain thresholds. Using this method, we proposed an optimized model for the organization and verified it. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | KSII-KOR SOC INTERNET INFORMATION | - |
dc.title | Advanced insider threat detection model to apply periodic work atmosphere | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Lee, Kyung Ho | - |
dc.identifier.doi | 10.3837/tiis.2019.03.035 | - |
dc.identifier.scopusid | 2-s2.0-85065568630 | - |
dc.identifier.wosid | 000462727200035 | - |
dc.identifier.bibliographicCitation | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, v.13, no.3, pp.1722 - 1737 | - |
dc.relation.isPartOf | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS | - |
dc.citation.title | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS | - |
dc.citation.volume | 13 | - |
dc.citation.number | 3 | - |
dc.citation.startPage | 1722 | - |
dc.citation.endPage | 1737 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.identifier.kciid | ART002454767 | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.description.journalRegisteredClass | kci | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordAuthor | Insider threat detection | - |
dc.subject.keywordAuthor | Machine learning | - |
dc.subject.keywordAuthor | Unsupervised learning | - |
dc.subject.keywordAuthor | Security | - |
dc.subject.keywordAuthor | Privacy Behavior | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
(02841) 서울특별시 성북구 안암로 14502-3290-1114
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.