Anomalous Insiders Detection System using K-NN in Collaborative Information Systems
Published: 2020
Author(s) Name: Thiraviaselvi G. and Dhinese G.
Author(s) Affiliation: Assist. Prof., Dept. of Information Technology, Francis Xavier Engg. College, Tamil Nadu, India.
Abstract
Collaborative Information Systems (CIS) allow users to belong to different groups to communicate and interfere with shared tasks or documents for collaboration. Current Intrusion Detection Systems are not effective in detecting insider threats where users work in dynamic teams. A malicious hacker who works as an employee of an organization, or an outsider who acts as an employee by obtaining false credentials, is called an insider threat, and that malicious hacker may cause damage to the shared information. The proposed Neighborhood Anomaly Detection System (NADS) is an unsupervised learning framework to detect insider threats. NADS makes use of the access logs of collaborative environments for intrusion detection. This framework is based on the observation that typical CIS users tend to form neighborhood structures based on the subjects accessed. NADS consists of two components: 1) relational pattern extraction, where neighborhood structures are derived, and 2) anomaly prediction, which uses a statistical model based on relational pattern extraction. Based on these observations, the deviation of users from the communities they belong to is detected. The system is capable of detecting anomalous insiders in systems that use dynamic teams.
Keywords: Anomaly detection, Data mining, Insider threat, Network analysis.
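The two components named in the abstract can be illustrated on a small access log. The following is an added example, not code from the paper: the log entries, the Jaccard similarity, the value of k, the deviation score and the threshold are all assumptions chosen for illustration, since the abstract does not specify the statistical model NADS uses.

```python
from collections import defaultdict
from statistics import mean

# Constructed access log of (user, subject accessed). Not data from the paper.
ACCESS_LOG = [
    ("alice", "chart-101"), ("alice", "chart-102"), ("alice", "chart-103"),
    ("bob", "chart-101"), ("bob", "chart-102"), ("bob", "chart-104"),
    ("carol", "chart-102"), ("carol", "chart-103"), ("carol", "chart-104"),
    ("dave", "lab-201"), ("dave", "lab-202"), ("dave", "lab-203"),
    ("erin", "lab-201"), ("erin", "lab-202"), ("erin", "lab-204"),
    ("frank", "lab-202"), ("frank", "lab-203"), ("frank", "lab-204"),
    # mallory touches one subject from each team plus subjects nobody else reads
    ("mallory", "chart-101"), ("mallory", "lab-203"),
    ("mallory", "hr-900"), ("mallory", "fin-901"), ("mallory", "fin-902"),
]

def subjects_by_user(log):
    """Relational pattern extraction, step 1: the set of subjects per user."""
    accessed = defaultdict(set)
    for user, subject in log:
        accessed[user].add(subject)
    return dict(accessed)

def jaccard(a, b):
    """Overlap of two subject sets (assumed similarity measure)."""
    union = a | b
    return len(a & b) / len(union) if union else 0.0

def neighborhood_scores(log, k=2):
    """Deviation per user: 1 - mean similarity to the k nearest neighbors."""
    accessed = subjects_by_user(log)
    scores = {}
    for user, subjects in accessed.items():
        sims = sorted(
            (jaccard(subjects, other) for u, other in accessed.items() if u != user),
            reverse=True,
        )
        scores[user] = 1.0 - mean(sims[:k])
    return scores

def flag_anomalies(log, k=2, threshold=0.75):
    """Users whose deviation from their own neighborhood exceeds the threshold."""
    return sorted(u for u, s in neighborhood_scores(log, k).items() if s > threshold)

if __name__ == "__main__":
    for user, score in sorted(neighborhood_scores(ACCESS_LOG).items()):
        print(f"{user:8s} deviation={score:.3f}")
    print("flagged:", flag_anomalies(ACCESS_LOG))
```

Because the neighborhoods are recomputed from the log itself, no fixed team assignments are needed, which is the property the abstract relies on for dynamic teams.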