Abstract
Insider threat detection techniques typically employ supervised learning models for detecting malicious insiders by using insider activity audit data. In many situations, the number of detected malicious insiders is extremely limited. To address this issue, we present a contrastive learning-based insider threat detection framework, CLDet, and empirically evaluate its efficacy in detecting malicious sessions that contain malicious activities from insiders. We evaluate our framework along with state-of-the-art baselines on two unbalanced benchmark datasets. Our framework exhibits relatively superior performance on these unbalanced datasets in effectively detecting malicious sessions.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Du, M., Li, F., Zheng, G., Srikumar, V.: Deeplog: anomaly detection and diagnosis from system logs through deep learning. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017. pp. 1285ā1298. ACM (2017)
Glasser, J., Lindauer, B.: Bridging the gap: a pragmatic approach to generating insider threat data. In: 2013 IEEE Symposium on Security and Privacy Workshops, San Francisco, CA, USA, May 23ā24, 2013. pp. 98ā104. IEEE Computer Society (2013)
Jaiswal, A., Babu, A.R., Zadeh, M.Z., Banerjee, D., Makedon, F.: A survey on contrastive self-supervised learning. CoRR arXiv:2011.00362 (2020)
Kumar, S., Spezzano, F., Subrahmanian, V.: Vews: a wikipedia vandal early warning system. In: Proceedings of the 21th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, p. 607ā616. KDD 2015 (2015)
Lin, L., Zhong, S., Jia, C., Chen, K.: Insider threat detection based on deep belief network feature representation. In: 2017 International Conference on Green Informatics (ICGI), pp. 54ā59 (2017)
Lu, J., Wong, R.K.: Insider threat detection with long short-term memory. In: Proceedings of the Australasian Computer Science Week Multi-conference. New York, NY, USA (2019)
Marrakchi, Y., Makansi, O., Brox, T.: Fighting class imbalance withĀ contrastive learning. In: de Bruijne, M., Cattin, P.C., Cotin, S., Padoy, N., Speidel, S., Zheng, Y., Essert, C. (eds.) MICCAI 2021. LNCS, vol. 12903, pp. 466ā476. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-87199-4_44
Tuor, A., Baerwolf, R., Knowles, N., Hutchinson, B., Nichols, N., Jasper, R.: Recurrent neural network language models for open vocabulary event-level cyber anomaly detection. CoRR arXiv:1712.00557 (2017)
Wang, X., Qi, G.: Contrastive learning with stronger augmentations. CoRR arXiv:2104.07713 (2021)
Wu, Z., Wang, S., Gu, J., Khabsa, M., Sun, F., Ma, H.: CLEAR: contrastive learning for sentence representation. CoRR arXiv:2012.15466 (2020)
Yuan, F., Cao, Y., Shang, Y., Liu, Y., Tan, J., Fang, B.: Insider threat detection with deep neural network. In: Shi, Y., Fu, H., Tian, Y., Krzhizhanovskaya, V.V., Lees, M.H., Dongarra, J., Sloot, P.M.A. (eds.) ICCS 2018. LNCS, vol. 10860, pp. 43ā54. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93698-7_4
Yuan, S., Wu, X.: Deep learning for insider threat detection: Review, challenges and opportunities. Comput. Secur. 104, 102221 (2021). https://doi.org/10.1016/j.cose.2021.102221
Yuan, S., Zheng, P., Wu, X., Li, Q.: Insider threat detection via hierarchical neural temporal point processes. In: 2019 IEEE International Conference on Big Data (Big Data), pp. 1343ā1350 (2019)
Yuan, S., Zheng, P., Wu, X., Tong, H.: Few-shot insider threat detection. In: CIKM 2020: The 29th ACM International Conference on Information and Knowledge Management, Virtual Event, Ireland, October 19ā23, 2020. pp. 2289ā2292. ACM (2020)
Acknowledgement
This work was supported in part by NSF grants 1564250, 1937010 and 2103829.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
Ā© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Vinay, M.S., Yuan, S., Wu, X. (2022). Contrastive Learning forĀ Insider Threat Detection. In: Bhattacharya, A., et al. Database Systems for Advanced Applications. DASFAA 2022. Lecture Notes in Computer Science, vol 13245. Springer, Cham. https://doi.org/10.1007/978-3-031-00123-9_32
Download citation
DOI: https://doi.org/10.1007/978-3-031-00123-9_32
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-00122-2
Online ISBN: 978-3-031-00123-9
eBook Packages: Computer ScienceComputer Science (R0)