User Behavior Threat Detection Based on Adaptive Sliding Window GAN

Cited by: 1
Authors
Tao, Xiaoling [1]
Lu, Shen [1]
Zhao, Feng [2]
Lan, Rushi [1]
Chen, Longsheng [1]
Fu, Lianyou [1]
Jia, Ruchun [3]
Affiliations
[1] Guilin Univ Elect Technol, Sch Comp Sci & Informat Secur, Guilin 541004, Peoples R China
[2] Guilin Univ Elect Technol, Sch Informat & Commun, Guilin 541004, Peoples R China
[3] Sichuan Univ, Sch Comp, Wangjiang Campus, Chengdu 610065, Peoples R China
Source
IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT | 2024 / Vol. 21 / No. 02
Funding
National Natural Science Foundation of China;
Keywords
User behavior; threat detection; adaptive sliding window; GAN; INSIDER THREAT; INTRUSION;
DOI
10.1109/TNSM.2024.3355698
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
User behavior threat detection is important for the protection of network system security. Traditional supervised modeling methods and unbalanced sample data lead to a high false positive rate in user behavior detection. In addition, network user behaviors are complex, changeable, and difficult to predict, and existing detection methods are facing ever greater challenges. Effectively detecting user behavior remains a challenge. In this paper, we propose a user behavior threat detection method based on an Adaptive Sliding Window Generative Adversarial Network (ASW-GAN). This method designs an adaptive sliding window mechanism to process behavior data, uses the GAN model to detect threat behavior, and finally uses the maximum interclass variance algorithm (Otsu) to optimize the test detection results. Compared with other typical methods, the proposed method achieves a higher accuracy rate and a markedly lower false positive rate, and can effectively evaluate user threat behaviors.
Pages: 2493 / 2503
Number of pages: 11