Research Projects

Deep Learning for Insider Threat Detection

Insiders are malicious people within organizations who abuse their authorized access in a manner that compromises the confidentiality, integrity, or availability of information systems. Attacks from insiders are hard to detect and can cause significant loss to organizations. While the problem of insider threat detection has been studied for a long time, the traditional machine learning-based detection approaches, which heavily rely on feature engineering, are hard to accurately capture the behavior difference between insiders and normal users due to the dynamic and adaptive nature of insider threats. This project aims to develop novel deep learning approaches to achieve insider threat detection from complex user behavior data.