http://dx.doi.org/10.13089/JKIISC.2020.30.4.647

A Study on the Abnormal Behavior Detection Model through Data Transfer Data Analysis  

Son, In Jae (Korea University School of Cybersecurity)
Kim, Huy Kang (Korea University School of Cybersecurity)
Abstract
Recently, there has been an increasing number of cases in which important data (personal information, technology, etc.) of national and public institutions is leaked to the outside world. Surveys show that the largest cause of such leakage accidents is "insiders." Insiders with the most authority in an organization can cause more damage than technology leaks caused by external attacks. This is due to the characteristics of insiders, who have relatively easy access to the organization's major assets. This study aims to present an optimized property selection model for detecting such abnormalities through supervised learning algorithms, among machine learning techniques, using actual data such as e-mail transmission logs, personnel information, and the transmission log of the CrossNet data transfer system, which safely transmits data between separate areas (security area and non-security area) of the business network and the Internet network.
Keywords
Insider Threat; Supervised Learning; Multilayer Perceptron; Classification; Weka