NORMA eResearch @NCI Library

How does enhancing user activity features in Machine Learning algorithms offer a pre-emptive counter measure to detecting corporate insider threats?

Redmond, Brian (2020) How does enhancing user activity features in Machine Learning algorithms offer a pre-emptive counter measure to detecting corporate insider threats? Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
PDF (Master of Science)
Download (2MB) | Preview
[thumbnail of Configuration manual]
Preview
PDF (Configuration manual)
Download (2MB) | Preview

Abstract

Despite extensive research within the security community, the objective of finding scalable and accurate solutions to the problem posed by corporate insider threats has never been greater. Continuous and growing challenges exist for corporation and government entities to protect their environment from malicious and inadvertent exposure of sensitive data from within their own organisation. In this research paper, we examine the use of Machine Learning Algorithms, building advanced feature definition, analysing and classifying data patterns in user activity to put forward a conceptual model to mitigate the risk of data loss due to insider threats. This work extends existing research in the area of using anomaly detection and classification learning algorithms. We evaluate supervised learning, crossing threat features for classification and building data profiles for employees. We use existing industry CERT datasets on insider threats along with synthetic injected data into the Apache Spark Machine Learning library. Our objective is to analyse through developing advanced feature extractions that the accuracy levels support the detection of suspicious activity. This will be evaluated by building an application to analyse streaming data and design a feature classifier merging real time activity with historic patterns for an individual employee. The result of the research puts forward a method for developing activity feature extraction, shows an average level of accuracy level of 99.984%.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Dan English
Date Deposited: 27 Jan 2021 19:30
Last Modified: 27 Jan 2021 19:30
URI: https://norma.ncirl.ie/id/eprint/4526

Actions (login required)

View Item View Item