
Real-Time Anomaly Detection for Insider Threat Prevention in Federal Systems

© 2024 by IJACT

Volume 2 Issue 4

Year of Publication : 2024

Author : Hariprasad Sivaraman

DOI : 10.56472/25838628/IJACT-V2I4P109

Citation :

Hariprasad Sivaraman, 2024. "Real-Time Anomaly Detection for Insider Threat Prevention in Federal Systems," ESP International Journal of Advancements in Computational Technology (ESP-IJACT), Volume 2, Issue 4: 62-67.

Abstract :

Federal agencies are key institutions in national and state security functions and handle very large volumes of sensitive data, which makes them high-value targets for insider threats. Insider threats often evade traditional security mechanisms, which fail to detect malicious activity in real time and therefore cannot mitigate risk in a timely manner. This paper therefore proposes a real-time insider threat detection model that applies machine-learning-based anomaly detection to federal systems. Through predictive analytics, behavioral profiling and continuous monitoring, the model is intended to protect federal systems from internal security breaches and to improve response time.
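The behavioral-profiling and continuous-monitoring approach the abstract describes, shown as an added illustration that is not code from the paper: each user gets a baseline of daily activity features (logon hour, files accessed, bytes sent out) maintained with Welford's online mean and variance, every new day is scored by z-score against that user's own baseline, and a day is alerted when any feature deviates beyond a threshold. The feature names, thresholds, variance floors, cold-start window and the log records are constructed assumptions for the example, not values taken from the paper.

```python
import math
from collections import defaultdict


class RunningStats:
    """Welford's online mean/variance: the baseline updates as records stream in,
    without storing history per user."""

    def __init__(self):
        self.n = 0
        self.mean = 0.0
        self.m2 = 0.0

    def update(self, x):
        self.n += 1
        delta = x - self.mean
        self.mean += delta / self.n
        self.m2 += delta * (x - self.mean)

    @property
    def std(self):
        return math.sqrt(self.m2 / (self.n - 1)) if self.n > 1 else 0.0


# Assumed daily features per user; a real deployment would derive these from
# authentication, file-server and proxy/DLP logs.
FEATURES = ("logon_hour", "files_accessed", "bytes_out")

# Variance floors (assumed): a user with a near-constant baseline must not
# produce a huge z-score for a trivially small change.
STD_FLOOR = {"logon_hour": 1.0, "files_accessed": 5.0, "bytes_out": 1_000_000.0}


def score(profile, record):
    """Per-feature z-scores of one day's activity against the user's own baseline."""
    return {
        f: abs(record[f] - profile[f].mean) / max(profile[f].std, STD_FLOOR[f])
        for f in FEATURES
    }


def detect(records, threshold=3.0, min_days=7):
    """Stream daily records in time order; return (alerts, per-user profiles).

    min_days is the cold-start window: a user with too little history is not
    scored, because a baseline of a few days is not yet meaningful."""
    profiles = defaultdict(lambda: {f: RunningStats() for f in FEATURES})
    alerts = []
    for rec in records:
        prof = profiles[rec["user"]]
        if prof[FEATURES[0]].n >= min_days:
            z = score(prof, rec)
            worst = max(z, key=z.get)
            if z[worst] >= threshold:
                alerts.append({"user": rec["user"], "day": rec["day"],
                               "feature": worst, "z": z[worst]})
                # Do not fold an alerted day into the baseline: otherwise a
                # slow-escalating insider can train the profile to accept the
                # new behaviour.
                continue
        for f in FEATURES:
            prof[f].update(rec[f])
    return alerts, profiles


def constructed_activity():
    """Constructed sample data: ten ordinary working days for 'alice' followed by
    one day of off-hours mass access and a large outbound transfer; 'bob' has
    only three days of history, so his fourth (also unusual) day stays inside
    the cold-start window and is deliberately not scored."""
    alice = [dict(user="alice", day=d, logon_hour=8 + (d % 2),
                  files_accessed=20 + d, bytes_out=5_000_000 + 100_000 * d)
             for d in range(1, 11)]
    alice.append(dict(user="alice", day=11, logon_hour=23,
                      files_accessed=400, bytes_out=2_000_000_000))
    bob = [dict(user="bob", day=d, logon_hour=9, files_accessed=15,
                bytes_out=1_000_000) for d in range(1, 4)]
    bob.append(dict(user="bob", day=4, logon_hour=3,
                    files_accessed=900, bytes_out=5_000_000_000))
    return alice + bob


if __name__ == "__main__":
    found, _ = detect(constructed_activity())
    for a in found:
        print(f"ALERT user={a['user']} day={a['day']} feature={a['feature']} z={a['z']:.1f}")
```

Two practical points the example makes explicit: the cold-start window means a newly onboarded (or newly compromised, low-history) account is a blind spot that needs a separate rule such as peer-group comparison, and the baseline must not learn from days that were alerted, or the detector can be walked into accepting escalating behaviour.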

Keywords :

Insider Threats, Federal Systems, Anomaly Detection, Machine Learning, Behavioral Monitoring, Cybersecurity.