Repository logo
 

Insider Threat Detection Data Augmentation Using WCGAN-GP

Date

2022-04-12T14:09:22Z

Authors

Preston, Mack

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

This thesis explores the application of Generative Adversarial Networks (GANs) in augmenting insider threat detection datasets to alleviate class imbalance. In addition, a machine learning based insider threat detection system is proposed that augments datasets to improve detection rates while maintaining precision. WCGAN-GP, a promising new GAN variant, is trained on a publicly available synthetic insider threat dataset and used to generate realistic samples for multiple insider scenarios. The generated samples are used to augment the dataset, which is then used to train supervised classifiers to detect insider threats. The WCGAN-GP based augmentation strategy outperforms the baseline (under-sampled) strategy on a large feature set, increasing the detection rate while preserving a low false-positive rate. The framework was further tested on two later versions of the dataset which contain modified behaviour and new insider scenarios. The results show that the proposed approach is robust and can generalize to novel insider threat scenarios.

Description

Keywords

Insider Threat Detection, Data Augmentation, WCGAN-GP, GAN, Machine Learning, Cyber Security

Citation