Contrastive Learning for Insider Threat Detection

  • Conference paper
Database Systems for Advanced Applications (DASFAA 2022)

Abstract

Insider threat detection techniques typically employ supervised learning models for detecting malicious insiders by using insider activity audit data. In many situations, the number of detected malicious insiders is extremely limited. To address this issue, we present a contrastive learning-based insider threat detection framework, CLDet, and empirically evaluate its efficacy in detecting malicious sessions that contain malicious activities from insiders. We evaluate our framework along with state-of-the-art baselines on two unbalanced benchmark datasets. Our framework exhibits relatively superior performance on these unbalanced datasets in effectively detecting malicious sessions.

Acknowledgement

This work was supported in part by NSF grants 1564250, 1937010 and 2103829.

Author information

Corresponding author

Correspondence to Xintao Wu.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Vinay, M.S., Yuan, S., Wu, X. (2022). Contrastive Learning for Insider Threat Detection. In: Bhattacharya, A., et al. Database Systems for Advanced Applications. DASFAA 2022. Lecture Notes in Computer Science, vol 13245. Springer, Cham. https://doi.org/10.1007/978-3-031-00123-9_32

  • DOI: https://doi.org/10.1007/978-3-031-00123-9_32

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-00122-2

  • Online ISBN: 978-3-031-00123-9

  • eBook Packages: Computer Science (R0)
