Data pre-processing and analysis for insider threat detection

Insider threat is one of the most prominent concern in many companies. In this scenario, insiders are people with authorized access to sensitive information within the company. Insider threats are difficult to detect and thus, it is not enough to address simply through technical means alone. In orde...

Full description

Saved in:
Bibliographic Details
Main Author: Ho, See Cheng
Other Authors: Chen Lihui
Format: Final Year Project
Language:English
Published: 2019
Subjects:
Online Access:http://hdl.handle.net/10356/77551
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-77551
record_format dspace
spelling sg-ntu-dr.10356-775512023-07-07T18:05:40Z Data pre-processing and analysis for insider threat detection Ho, See Cheng Chen Lihui School of Electrical and Electronic Engineering DRNTU::Engineering::Electrical and electronic engineering Insider threat is one of the most prominent concern in many companies. In this scenario, insiders are people with authorized access to sensitive information within the company. Insider threats are difficult to detect and thus, it is not enough to address simply through technical means alone. In order to help with the early detection of insider threats, emotional and social factors are to be considered. The project analyses emails, one of the most common mode of communication in most organizations and uses deep learning techniques to build user profile that includes sentiment and network information. These user profiles are updated at fixed interval and the anomalous users are viewed as potential insider threats. In this project, the author is tasked with the testing of the TWOs dataset with the current Insider Threat Detection. The results would determine the viability of the dataset as additional training data for the system on top of its existing dataset. Additionally, the author was also involved in the development of a general preprocessing tools that processes datasets containing information of emails. The report will cover the methodology used for data processing and aspect extraction of the “The Wolves of SUTD” (TWOS) dataset. After the going through the two processes, the dataset will then be fed into an existing framework using ABSA model and HIN-Skipgram user profiling model to evaluate the top 10 user profiles with anomalies. The evaluated results will then be discussed. These results will also be compared with the author’s manual data analysis of the dataset. Bachelor of Engineering (Information Engineering and Media) 2019-05-31T03:04:18Z 2019-05-31T03:04:18Z 2019 Final Year Project (FYP) http://hdl.handle.net/10356/77551 en Nanyang Technological University 61 p. application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic DRNTU::Engineering::Electrical and electronic engineering
spellingShingle DRNTU::Engineering::Electrical and electronic engineering
Ho, See Cheng
Data pre-processing and analysis for insider threat detection
description Insider threat is one of the most prominent concern in many companies. In this scenario, insiders are people with authorized access to sensitive information within the company. Insider threats are difficult to detect and thus, it is not enough to address simply through technical means alone. In order to help with the early detection of insider threats, emotional and social factors are to be considered. The project analyses emails, one of the most common mode of communication in most organizations and uses deep learning techniques to build user profile that includes sentiment and network information. These user profiles are updated at fixed interval and the anomalous users are viewed as potential insider threats. In this project, the author is tasked with the testing of the TWOs dataset with the current Insider Threat Detection. The results would determine the viability of the dataset as additional training data for the system on top of its existing dataset. Additionally, the author was also involved in the development of a general preprocessing tools that processes datasets containing information of emails. The report will cover the methodology used for data processing and aspect extraction of the “The Wolves of SUTD” (TWOS) dataset. After the going through the two processes, the dataset will then be fed into an existing framework using ABSA model and HIN-Skipgram user profiling model to evaluate the top 10 user profiles with anomalies. The evaluated results will then be discussed. These results will also be compared with the author’s manual data analysis of the dataset.
author2 Chen Lihui
author_facet Chen Lihui
Ho, See Cheng
format Final Year Project
author Ho, See Cheng
author_sort Ho, See Cheng
title Data pre-processing and analysis for insider threat detection
title_short Data pre-processing and analysis for insider threat detection
title_full Data pre-processing and analysis for insider threat detection
title_fullStr Data pre-processing and analysis for insider threat detection
title_full_unstemmed Data pre-processing and analysis for insider threat detection
title_sort data pre-processing and analysis for insider threat detection
publishDate 2019
url http://hdl.handle.net/10356/77551
_version_ 1772828466668896256