Comparing Autoencoder Models for Insider Threat Detection
摘要
Insider threats present a major hurdle to organizational cybersecurity, frequently escaping detection because of their complex and nuanced nature. Via this paper, we conduct a comprehensive analysis of several autoencoder models and their hybrid versions and comparing their efficacy in identifying malicious insiders, utilizing the CERT r4.2 dataset. We explore traditional deep learning architectures—such as Convolutional Neural Networks (CNNs), Long Short-Term Memory (LSTM) networks, and Gated Recurrent Units (GRUs)—alongside advanced autoencoder-based models such as Variational Autoencoders (VAEs) as well as hybrid models that integrate CNNs and LSTMs with autoencoders. The evaluation of these models is based on key performance metrics, with a primary emphasis on recall and ROC-AUC scores, complemented by assessments of accuracy, F1 score, and precision.