2024 : 11 : 23
Payam Mahmoudi-nasr

Payam Mahmoudi-nasr

Academic rank: Associate Professor
ORCID: 0000-0003-1421-3712
Education: PhD.
ScopusId: 56483175500
HIndex: 0/00
Faculty: Faculty of Technology and Engineering
Address: Associate Professor of Computer Engineering at University of Mazandaran
Phone: 011-35305109

Research

Title
An approach to Insider Threat Detection using Deep Learning
Type
Thesis
Keywords
Insider threat detection; Convolutional Neural Network (CNN); Convolutional Auto encoder; CNN-LSTM
Year
2024
Researchers Majduddeen Almoayed(Student)، Payam Mahmoudi-nasr(PrimaryAdvisor)

Abstract

The insider threat is a major concern in cybersecurity, necessitating specialized detection technologies and platforms. Ensemble techniques, which combine the predictions of multiple base estimators, offer enhanced robustness compared to single estimators. In this study, we convert data into images and then apply three deep learning (DL) techniques — convolutional neural network (CNN), convolutional autoencoder, and CNN-LSTM — to the r4.2 and r5.2 versions of the CERT dataset for insider threat detection. Due to the imbalance of the dataset, we augment the minority class using the SMOTE function during the training phase. Independent models achieved accuracy in the 99% to 100% range, with other metrics within the 90% to 95% range. To further enhance prediction performance, we used stacked generalization, combining the three DL methods and introducing a deep neural network (DNN) as the meta-classifier, this resulted in a high performance metrics being on the r4.2 Precision 99.97%, Recall 99.97%, and AUC 100%, and it was on the r5.2 as follows: Precision 99.98%, Recall 99.98%, and AUC 99.69%.