TGCN-DA: A Temporal Graph Convolutional Network with Data Augmentation for High Accuracy Insider Threat Detection

Published: 01 Jan 2023, Last Modified: 09 Nov 2024 | TrustCom 2023 | CC BY-SA 4.0
Abstract: Insider threats present a formidable challenge to cybersecurity, as insiders possess the privileges and information necessary to execute diverse attacks. A comprehensive analysis of user behavior, including behavioral features, sequences, and inter-user relationships, is required for effective insider threat detection. However, few existing methods consider these features in an integrated manner, which could result in high false positives. To further improve the accuracy of insider threat detection, we propose a novel framework based on a temporal graph convolutional network with data augmentation (referred to as TGCN-DA), which explores structural information among users and simultaneously captures the temporal dependencies in their behavior. In particular, we introduce an edge predictor to encode user structural information and strengthen intra-class edges among users based on the representation of users' behavior. Additionally, a GCN with a temporal feature mechanism is leveraged to learn dynamic changes in users' behavior and so capture its temporal dependence. Extensive experiments demonstrate that our proposed TGCN-DA outperforms other state-of-the-art methods and achieves higher accuracy in the task of insider threat detection.