Distance Measurement Methods for Improved Insider Threat Detection
2018 ◽
Vol 2018
◽
pp. 1-18
◽
Keyword(s):
Data Set
◽
Insider threats are a considerable problem within cyber security and it is often difficult to detect these threats using signature detection. Increasing machine learning can provide a solution, but these methods often fail to take into account changes of behaviour of users. This work builds on a published method of detecting insider threats and applies Hidden Markov method on a CERT data set (CERT r4.2) and analyses a number of distance vector methods (Damerau–Levenshtein Distance, Cosine Distance, and Jaccard Distance) in order to detect changes of behaviour, which are shown to have success in determining different insider threats.
2017 ◽
Vol 61
(1)
◽
pp. 202-206
◽
2021 ◽
pp. 301-320
2019 ◽
Vol 7
(1)
◽
pp. 40-52