An improved feature extraction algorithm for insider threat using hidden Markov model on user behavior detection
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Ye, Xiaoyun | - |
dc.contributor.author | Han, Myung-Mook | - |
dc.date.accessioned | 2022-02-11T02:40:17Z | - |
dc.date.available | 2022-02-11T02:40:17Z | - |
dc.date.created | 2021-02-01 | - |
dc.date.issued | 2022-01 | - |
dc.identifier.issn | 2056-4961 | - |
dc.identifier.uri | https://scholarworks.bwise.kr/gachon/handle/2020.sw.gachon/83465 | - |
dc.description.abstract | Purpose: By using a new feature extraction method on the Cert data set and using a hidden Markov model (HMM) to model and analyze the behavior of users to distinguish whether the behavior is normal within a continuous period. Design/methodology/approach: Feature extraction of five parts of the time series by rules and sorting in chronological order. Use the obtained features to calculate the probability parameters required by the HMM model and establish a behavior model for each user. When the user has abnormal behavior, the model will return a very low probability value to distinguish between normal and abnormal information. Findings: Generally, HMM parameters are obtained by supervised learning and unsupervised learning, but the hidden state cannot be clearly defined. When the hidden state is determined according to the data set, the accuracy of the model will be improved. Originality/value: This paper proposes a new feature extraction method and analysis mode, which determines the shape of the hidden state according to the situation of the data set, making subsequent HMM modeling simple and efficient and in turn improving the accuracy of user behavior detection. © 2020, Emerald Publishing Limited. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | Emerald Group Holdings Ltd. | - |
dc.relation.isPartOf | Information and Computer Security | - |
dc.title | An improved feature extraction algorithm for insider threat using hidden Markov model on user behavior detection | - |
dc.type | Article | - |
dc.type.rims | ART | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000613096000001 | - |
dc.identifier.doi | 10.1108/ICS-12-2019-0142 | - |
dc.identifier.bibliographicCitation | Information and Computer Security, v.30, no.1, pp.19 - 36 | - |
dc.description.isOpenAccess | N | - |
dc.identifier.scopusid | 2-s2.0-85099772532 | - |
dc.citation.endPage | 36 | - |
dc.citation.startPage | 19 | - |
dc.citation.title | Information and Computer Security | - |
dc.citation.volume | 30 | - |
dc.citation.number | 1 | - |
dc.contributor.affiliatedAuthor | Ye, Xiaoyun | - |
dc.contributor.affiliatedAuthor | Han, Myung-Mook | - |
dc.type.docType | Article | - |
dc.subject.keywordAuthor | Anomaly detection | - |
dc.subject.keywordAuthor | Hidden Markov model | - |
dc.subject.keywordAuthor | Insider threat detection | - |
dc.subject.keywordAuthor | Viterbi algorithm | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.description.journalRegisteredClass | scopus | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
1342, Seongnam-daero, Sujeong-gu, Seongnam-si, Gyeonggi-do, Republic of Korea(13120)031-750-5114
COPYRIGHT 2020 Gachon University All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.