Insider Threat Detection Using Anamoly Threat Detection

Insider threat is one of the biggest problems facing organizational security since insiders are individuals with authorized access to an organization's information assets. Organizational security solutions can only detect outsider attacks and do not perform effectively when faced with malicious behaviors or accidental acts carried out by insiders. In this research paper, a method of detecting insider threat using behavioral anomaly is outlined. This solution aims at continuous observation of user behavior such as logging on, file access and general interaction with the system resources. Machine learning algorithms are employed in modeling user behavior and alerting any deviation that can imply an act of malice.