Digitization of healthcare records has introduced challenges to data privacy, security and compliance. Sensitive information contained in the records make them prime targets for cyber threats, unauthorized access and data breaches. Often these acts are committed by malicious insider actors who have access to the records. This paper explores a possible way of identifying the insider threats by analyzing the activity of an actor over a period of time. We propose using Machine Learning, specifically Autoencoders and Variational Autoencoders to detect abnormal activity. We have used the Computer Emergency Response Team Insider Threat Dataset as a test dataset to train the models. We convert the textual data into vector form and use Long short-term memory to extract, reduce the number of features and reconstruct the inputs. We evaluate the performance and accuracy of Autoencoders and Variational Autoencoders by comparing the time taken to train the model on the sample dataset and the full dataset, and the reconstruction errors of the two methods. We conclude that the Variational Autoencoder is better suited for threat detection as it trains faster and has lesser reconstruction errors.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Autoencoders for Insider Threat Detection of Healthcare Records

  • Ankita R. Deshpande,
  • G. Ignisha Rajathi,
  • J. Mohanalin,
  • K. A. Yashaswini,
  • Raghavendra M. Devadas,
  • K. Rama Krishna,
  • Kaipa Sandhya,
  • Vani Hiremani

摘要

Digitization of healthcare records has introduced challenges to data privacy, security and compliance. Sensitive information contained in the records make them prime targets for cyber threats, unauthorized access and data breaches. Often these acts are committed by malicious insider actors who have access to the records. This paper explores a possible way of identifying the insider threats by analyzing the activity of an actor over a period of time. We propose using Machine Learning, specifically Autoencoders and Variational Autoencoders to detect abnormal activity. We have used the Computer Emergency Response Team Insider Threat Dataset as a test dataset to train the models. We convert the textual data into vector form and use Long short-term memory to extract, reduce the number of features and reconstruct the inputs. We evaluate the performance and accuracy of Autoencoders and Variational Autoencoders by comparing the time taken to train the model on the sample dataset and the full dataset, and the reconstruction errors of the two methods. We conclude that the Variational Autoencoder is better suited for threat detection as it trains faster and has lesser reconstruction errors.