Insider Threat Detection Based on Anomalous Behavior of User for Cybersecurity

Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 132)


In today’s competitive world, business security is essential. To secure the business processes and confidential data, organizations have to protect the system by implementing new policies and techniques to detect the threats and control it. Threats for cybersecurity are classified into two types, outsider and insider threats. Both threats are very harmful to the organization. These may convert into a severe attack on the systems upon future. Outsider threats have to take more effort to break the security system. But inside users are those who are privileged to access the system within the organization. As data form is digital, it is straightforward to transfer from one to another. Data leakage, theft, and sharing are easy for insiders. Therefore, there is a need to research in this domain. In this proposed paper, a study of insider threat detection based on the anomalous behavior of the user for cybersecurity is presented. The data processing and anomaly detection algorithms are performed for insider threat detection by researchers. This research paper presented a study on insider threat detection based on the anomalous behavior of the user for cybersecurity.


Cybesecurity Insider threats Anomalous behavior Machine learning Data leakage Bipartite graph 



I wish to acknowledge the Software Engineering Institute of Carnegie Mellon University and Exact Data LLC for making available data for the research study.


  1. 1.
    Almehmadi A, El-Khatib K (2017) On the Possibility of insider threat prevention using intent-based access control (IBAC). IEEE Syst J 11:373–384CrossRefGoogle Scholar
  2. 2.
    Bao H, Lu R, Li B, Deng R (2016) BLITHE: behavior rule-based insider threat detection for smart grid. IEEE Internet Things J 3:190–205CrossRefGoogle Scholar
  3. 3.
    Basu S, Victoria Chua YH, Wah Lee M, Lim WG, Maszczyk T, Guo Z, Dauwels J (2018) Towards a data-driven behavioral approach to prediction of insider-threat. In: 2018 IEEE international conference on big data (big data. IEEE, Seattle, WA, USA), pp 4994–5001.
  4. 4.
    Chattopadhyay P, Wang L, Tan Y-P (2018) Scenario-based insider threat detection from cyber activities. IEEE Trans Comput Soc Syst 5:660–675CrossRefGoogle Scholar
  5. 5.
    Choi J, Bang J, Kim L, Ahn M, Kwon T (2017) Location-based key management strong against insider threats in wireless sensor networks. IEEE Syst J 11:494–502CrossRefGoogle Scholar
  6. 6.
    Garg S, Kaur K, Kumar N, Rodrigues JJPC (2019) Hybrid deep-learning-based anomaly detection scheme for suspicious flow detection in SDN: a social multimedia perspective. IEEE Trans Multimedia 21:566–578. Scholar
  7. 7.
    Hall AJ, Pitropakis N, Buchanan WJ, Moradpoor N (2018) Predicting malicious insider threat scenarios using organizational data and a heterogeneous stack-classifier. In: 2018 IEEE international conference on big data (big data). IEEE, Seattle, WA, USA, pp 5034–5039Google Scholar
  8. 8.
    Huang X, Lu Y, Li D, Ma M (2018) A novel mechanism for fast detection of transformed data leakage. IEEE Access 6:35926–35936CrossRefGoogle Scholar
  9. 9.
    Liu FT, Ting KM, Zhou Z-H (2008) Isolation forest. In: 2008 eighth IEEE international conference on data mining. IEEE, Pisa, Italy, pp 413–422Google Scholar
  10. 10.
    Liu L, De Vel O, Chen C, Zhang J, Xiang Y (2018) Anomaly-based insider threat detection using deep autoencoders. In: 2018 IEEE international conference on data mining workshops (ICDMW). IEEE, Singapore, Singapore, pp 39–48Google Scholar
  11. 11.
    Liu L, De Vel O, Han Q-L, Zhang J, Xiang Y (2018) Detecting and preventing cyber insider threats: a survey. IEEE Commun Surv Tutor 20:1397–1417CrossRefGoogle Scholar
  12. 12.
    Santos E, Nguyen H, Yu F, Kim KJ, Li D, Wilkinson JT, Olson A, Russell J, Clark B (2012) Intelligence analyses and the insider threat. IEEE Trans Syst Man Cybern. - Part Syst Hum 42:331–347.
  13. 13.
    Saxena N, Choi BJ, Lu R (2016) Authentication and authorization scheme for various user roles and devices in smart grid. IEEE Trans Inf Forensics Secur 11:907–921CrossRefGoogle Scholar
  14. 14.
    Smith TD (2018) Countering inside threat actors in algorithm-based media. In: 2018 IEEE international conference on big data (big data). IEEE, Seattle, WA, USA, pp 4453–4459.
  15. 15.
    Walker-Roberts S, Hammoudeh M, Dehghantanha A (2018) A systematic review of the availability and efficacy of countermeasures to internal threats in healthcare critical infrastructure. IEEE Access 6:25167–25177CrossRefGoogle Scholar
  16. 16.
    Yaseen Q, Alabdulrazzaq A, Albalas F (2019) A framework for insider collusion threat prediction and mitigation in relational databases. In: 2019 IEEE 9th annual computing and communication workshop and conference (CCWC. IEEE, Las Vegas, NV, USA), pp 0721–0727.

Copyright information

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021

Authors and Affiliations

  1. 1.Vidyalankar School of Information TechnologyMumbaiIndia
  2. 2.P.G. Depatment of Computer ScienceS.N.D.T. Women’s UniversityMumbaiIndia

Personalised recommendations