Insider threats present a major hurdle to organizational cybersecurity, frequently escaping detection because of their complex and nuanced nature. Via this paper, we conduct a comprehensive analysis of several autoencoder models and their hybrid versions and comparing their efficacy in identifying malicious insiders, utilizing the CERT r4.2 dataset. We explore traditional deep learning architectures—such as Convolutional Neural Networks (CNNs), Long Short-Term Memory (LSTM) networks, and Gated Recurrent Units (GRUs)—alongside advanced autoencoder-based models such as Variational Autoencoders (VAEs) as well as hybrid models that integrate CNNs and LSTMs with autoencoders. The evaluation of these models is based on key performance metrics, with a primary emphasis on recall and ROC-AUC scores, complemented by assessments of accuracy, F1 score, and precision.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Comparing Autoencoder Models for Insider Threat Detection

  • Kingshuk Mitra,
  • Pratik Jagtap,
  • Siddharth Hooda,
  • Ashwini Rao

摘要

Insider threats present a major hurdle to organizational cybersecurity, frequently escaping detection because of their complex and nuanced nature. Via this paper, we conduct a comprehensive analysis of several autoencoder models and their hybrid versions and comparing their efficacy in identifying malicious insiders, utilizing the CERT r4.2 dataset. We explore traditional deep learning architectures—such as Convolutional Neural Networks (CNNs), Long Short-Term Memory (LSTM) networks, and Gated Recurrent Units (GRUs)—alongside advanced autoencoder-based models such as Variational Autoencoders (VAEs) as well as hybrid models that integrate CNNs and LSTMs with autoencoders. The evaluation of these models is based on key performance metrics, with a primary emphasis on recall and ROC-AUC scores, complemented by assessments of accuracy, F1 score, and precision.