Insider Threat Detection Data Augmentation Using WCGAN-GP
Date
2022-04-12T14:09:22Z
Authors
Preston, Mack
Abstract
This thesis explores the application of Generative Adversarial Networks (GANs) in augmenting insider threat detection datasets to alleviate class imbalance. In addition, a machine learning based insider threat detection system is proposed that augments datasets to improve detection rates while maintaining precision. WCGAN-GP, a promising new GAN variant, is trained on a publicly available synthetic insider threat dataset and used to generate realistic samples for multiple insider scenarios. The generated samples are used to augment the dataset, which is then used to train supervised classifiers to detect insider threats. The WCGAN-GP based augmentation strategy outperforms the baseline (under-sampled) strategy on a large feature set, increasing the detection rate while preserving a low false-positive rate. The framework was further tested on two later versions of the dataset which contain modified behaviour and new insider scenarios. The results show that the proposed approach is robust and can generalize to novel insider threat scenarios.
Keywords
Insider Threat Detection, Data Augmentation, WCGAN-GP, GAN, Machine Learning, Cyber Security