4 research outputs found

    An Insider Data Leakage Detection Using One-Hot Encoding, Synthetic Minority Oversampling and Machine Learning Techniques

    Insider threats are malicious acts that can be carried out by an authorized employee within an organization. Insider threats represent a major cybersecurity challenge for private and public organizations, as an insider attack can cause extensive damage to organization assets much more than external attacks. Most existing approaches in the field of insider threat focused on detecting general insider attack scenarios. However, insider attacks can be carried out in different ways, and the most dangerous one is a data leakage attack that can be executed by a malicious insider before his/her leaving an organization. This paper proposes a machine learning-based model for detecting such serious insider threat incidents. The proposed model addresses the possible bias of detection results that can occur due to an inappropriate encoding process by employing the feature scaling and one-hot encoding techniques. Furthermore, the imbalance issue of the utilized dataset is also addressed utilizing the synthetic minority oversampling technique (SMOTE). Well-known machine learning algorithms are employed to detect the most accurate classifier that can detect data leakage events executed by malicious insiders during the sensitive period before they leave an organization. We provide a proof of concept for our model by applying it on CMU-CERT Insider Threat Dataset and comparing its performance with the ground truth. The experimental results show that our model detects insider data leakage events with an AUC-ROC value of 0.99, outperforming the existing approaches that are validated on the same dataset. The proposed model provides effective methods to address possible bias and class imbalance issues for the aim of devising an effective insider data leakage detection system.

    A Multi-Tiered Framework for Insider Threat Prevention

    As technologies are rapidly evolving and becoming a crucial part of our lives, security and privacy issues have been increasing significantly. Public and private organizations have highly confidential data, such as bank accounts, military and business secrets, etc. Currently, the competition between organizations is significantly higher than before, which triggers sensitive organizations to spend an excessive volume of their budget to keep their assets secured from potential threats. Insider threats are more dangerous than external ones, as insiders have legitimate access to their organization’s assets. Thus, previous approaches focused on some individual factors to address insider threat problems (e.g., technical profiling), but a broader integrative perspective is needed. In this paper, we propose a unified framework that incorporates various factors of the insider threat context (technical, psychological, behavioral and cognitive). The framework is based on a multi-tiered approach that encompasses pre, in and post-countermeasures to address insider threats in an all-encompassing perspective. It considers multiple factors that surround the lifespan of insiders’ employment, from the pre-joining of insiders to an organization until after they leave. The framework is utilized on real-world insider threat cases. It is also compared with previous work to highlight how our framework extends and complements the existing frameworks. The real value of our framework is that it brings together the various aspects of insider threat problems based on real-world cases and relevant literature. This can therefore act as a platform for general understanding of insider threat problems, and pave the way to model a holistic insider threat prevention system.

    A comparative recognition research on excretory organism in medical applications using artificial neural networks

    Purpose: In the contemporary era, a significant number of individuals encounter various health issues, including digestive system ailments, even during their advanced years. The major purpose of this study is based on certain observations that are made in internal digestive systems in order to prevent severe cause that usually occurs in elderly people. Approach: To solve the purpose of the proposed method the proposed system is introduced with advanced features and parametric monitoring system that are based on wireless sensor setups. The parametric monitoring system is integrated with neural network where certain control actions are taken to prevent gastrointestinal activities at reduced data loss. Results: The outcome of the combined process is examined based on four different cases that is designed based on analytical model where control parameters and weight establishments are also determined. As the internal digestive system is monitored the data loss that is present with wireless sensor network must be reduced and proposed approach prevents such data loss with an optimized value of 1.39%. Conclusion: Parametric cases were conducted to evaluate the efficacy of neural networks. The findings indicate a significantly higher effectiveness rate of approximately 68% when compared to the control cases

    Development of edge computing and classification using The Internet of Things with incremental learning for object detection

    The edge computing method and Internet of Things (IoT), which offers significantly shorter inactivity intervals, is one of the promising network technologies in today's generation of systems. There is no need to process the data using a cloud platform whenever an edge computing technology is used; alternative ways employing offline IoT and incremental learning techniques can be used. Using IoT, the incremental learning process transfers all essential data within a specific device. Thus, edge computing, IoT and incremental learning techniques are combined in the proposed method to detect numerous objects with varying weights. An analytical model that minimizes the parametric values and has various objectives is used to carry out the object detection process. Additionally, by utilizing evaluation metrics from five different case studies that were simulated using the MATLAB computing toolkit, the proposed method was tested. The efficacy of the proposed method rises to 62% when the simulated results are compared with the current method. The suggested method can accurately identify several objects in real-time when operating in a multi-object mode