A study on Classification of Insider threat using Markov Chain Model
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, Dong-Wook | - |
dc.contributor.author | Hong, Sung-Sam | - |
dc.contributor.author | Han, Myung-Mook | - |
dc.date.available | 2020-02-27T11:40:47Z | - |
dc.date.created | 2020-02-07 | - |
dc.date.issued | 2018-04-30 | - |
dc.identifier.issn | 1976-7277 | - |
dc.identifier.uri | https://scholarworks.bwise.kr/gachon/handle/2020.sw.gachon/3850 | - |
dc.description.abstract | In this paper, a method to classify insider threat activity is introduced. The internal threats help detecting anomalous activity in the procedure performed by the user in an organization. When an anomalous value deviating from the overall behavior is displayed, we consider it as an inside threat for classification as an inside intimidator. To solve the situation, Markov Chain Model is employed. The Markov Chain Model shows the next state value through an arbitrary variable affected by the previous event. Similarly, the current activity can also be predicted based on the previous activity for the insider threat activity. A method was studied where the change items for such state are defined by a transition probability, and classified as detection of anomaly of the inside threat through values for a probability variable. We use the properties of the Markov chains to list the behavior of the user over time and to classify which state they belong to. Sequential data sets were generated according to the influence of n occurrences of Markov attribute and classified by machine learning algorithm. In the experiment, only 15% of the Cert: insider threat dataset was applied, and the result was 97% accuracy except for NaiveBayes. As a result of our research, it was confirmed that the Markov Chain Model can classify insider threats and can be fully utilized for user behavior classification. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | KSII-KOR SOC INTERNET INFORMATION | - |
dc.relation.isPartOf | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS | - |
dc.title | A study on Classification of Insider threat using Markov Chain Model | - |
dc.type | Article | - |
dc.type.rims | ART | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000432227900027 | - |
dc.identifier.doi | 10.3837/tiis.2018.04.027 | - |
dc.identifier.bibliographicCitation | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, v.12, no.4, pp.1887 - 1898 | - |
dc.identifier.kciid | ART002346479 | - |
dc.identifier.scopusid | 2-s2.0-85046900557 | - |
dc.citation.endPage | 1898 | - |
dc.citation.startPage | 1887 | - |
dc.citation.title | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS | - |
dc.citation.volume | 12 | - |
dc.citation.number | 4 | - |
dc.contributor.affiliatedAuthor | Kim, Dong-Wook | - |
dc.contributor.affiliatedAuthor | Hong, Sung-Sam | - |
dc.contributor.affiliatedAuthor | Han, Myung-Mook | - |
dc.type.docType | Article | - |
dc.subject.keywordAuthor | Insider threat | - |
dc.subject.keywordAuthor | Markov Chain | - |
dc.subject.keywordAuthor | Classification | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.description.journalRegisteredClass | kci | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
1342, Seongnam-daero, Sujeong-gu, Seongnam-si, Gyeonggi-do, Republic of Korea(13120)031-750-5114
COPYRIGHT 2020 Gachon University All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.