Table of Contents Author Guidelines Submit a Manuscript
Security and Communication Networks
Volume 2018 (2018), Article ID 5906368, 18 pages
https://doi.org/10.1155/2018/5906368
Research Article

Distance Measurement Methods for Improved Insider Threat Detection

Edinburgh Napier University, Edinburgh, UK

Correspondence should be addressed to William J. Buchanan

Received 24 August 2017; Revised 6 December 2017; Accepted 13 December 2017; Published 17 January 2018

Academic Editor: Gerardo Pelosi

Copyright © 2018 Owen Lo et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. E. Ukkonen, “Algorithms for approximate string matching,” Information and Control, vol. 64, no. 1-3, pp. 100–118, 1985. View at Publisher · View at Google Scholar · View at MathSciNet · View at Scopus
  2. W. W. Cohen, P. Ravikumar, and S. E. Fienberg, “A comparison of string metrics for matching names and records,” KDD Work. Data Clean. Object Consol, vol. 3, pp. 73–78, 2003. View at Google Scholar
  3. A. H. Gray and J. D. Markel, “Distance Measures for Speech Processing,” IEEE Transactions on Signal Processing, vol. 24, no. 5, pp. 380–391, 1976. View at Publisher · View at Google Scholar · View at Scopus
  4. P. Mermelstein, “Distance measures for speech recognition, psychological and instrumental,” International Journal of Pattern Recognition and Artificial Intelligence, vol. 116, pp. 374–388, 1976. View at Google Scholar
  5. A. Gionis, P. Indyk, and R. Motwani, “and others, Similarity search in high dimensions via hashing,” The VLDB Journal, vol. 99, pp. 518–529, 1999. View at Google Scholar
  6. O. Chum, J. Philbin, and A. Zisserman, “Near duplicate image detection: Min-Hash and tf-idf weighting,” in Proceedings of the 2008 19th British Machine Vision Conference, BMVC 2008, UK, September 2008. View at Publisher · View at Google Scholar · View at Scopus
  7. A. L. Buczak and E. Guven, “A survey of data mining and machine learning methods for cyber security intrusion detection,” IEEE Communications Surveys & Tutorials, vol. 18, no. 2, pp. 1153–1176, 2016. View at Publisher · View at Google Scholar · View at Scopus
  8. S. Dua and X. Du, Data Mining and Machine Learning in Cybersecurity, CRC Press, 2011. View at Publisher · View at Google Scholar
  9. P. Nimbalkar, V. Mulwad, N. Puranik, A. Joshi, and T. Finin, “Semantic interpretation of structured log files,” in Proceedings of the 17th IEEE International Conference on Information Reuse and Integration, IRI 2016, pp. 549–555, USA, July 2016. View at Publisher · View at Google Scholar · View at Scopus
  10. Z. Syed, A. Padia, T. Finin, L. Mathews, and A. Joshi, UCO: A Unified Cybersecurity Ontology,.
  11. C. Bizer, J. Lehmann, G. Kobilarov et al., “DBpedia—a crystallization point for the web of data,” Journal of Web Semantics: Science, Services and Agents on the World Wide Web, vol. 7, no. 3, pp. 154–165, 2009. View at Publisher · View at Google Scholar · View at Scopus
  12. T. Rashid, I. Agrafiotis, and J. R. C. Nurse, “A new take on detecting insider threats: exploring the use of hidden markov models,” in Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats, MIST 2016, pp. 47–56, Austria, 2016. View at Publisher · View at Google Scholar · View at Scopus
  13. A. Tuor, S. Kaplan, B. Hutchinson, N. Nichols, and S. Robinson, “Deep learning for unsupervised insider threat detection in structured cybersecurity data streams,” in AICS - Artif. Intell. Cyber Secur, vol. 2012, 2017. View at Google Scholar
  14. B. Bose, B. Avasarala, S. Tirthapura, Y.-Y. Chung, and D. Steiner, “Detecting insider threats using radish: a system for real-time anomaly detection in heterogeneous data streams,” IEEE Systems Journal, vol. 11, no. 2, pp. 471–482, 2017. View at Publisher · View at Google Scholar · View at Scopus
  15. P. A. Legg, O. Buckley, M. Goldsmith, and S. Creese, “Automated insider threat detection system using user and role-based profile assessment,” IEEE Systems Journal, vol. PP, no. 99, 2015. View at Publisher · View at Google Scholar · View at Scopus
  16. A. Singh and S. Patel, “Applying modified K-nearest neighbor to detect insider threat in collaborative information systems,” Ijirset.Com, vol. 3, no. 6, pp. 14146–14151, 2014. View at Google Scholar
  17. Y. Hashem, H. Takabi, M. Ghasemigol, and R. Dantu, “Inside the mind of the insider: towards insider threat detection using psychophysiological signals,” Journal of Internet Services and Information Security, vol. 6, no. 1, pp. 20–36, 2016. View at Publisher · View at Google Scholar · View at Scopus
  18. B. Lindauer, J. Glasser, M. Rosen, and K. Wallnau, “Generating test data for insider threat detectors,” Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, vol. 5, no. 2, pp. 80–94, 2013. View at Google Scholar · View at Scopus
  19. CERT, “Insider Threat Tools,” https://www.cert.org/insider-threat/tools/, 2017.
  20. R Core Team, R: A Language and Environment for Statistical Computing, Austria, Vienna, 2016.
  21. J. Law, D. Mitarotonda, J. Larmarange, J. Boiser, and C. Hee, Package lubridate, 2016.
  22. A. Hadley, J. Hester, and R. Francois, Package ‘readr’ ,2017.
  23. L. R. Rabiner and B.-H. Juang, “An introduction to hidden Markov models,” IEEE ASSP Magazine, vol. 3, no. 1, pp. 4–16, 1986. View at Publisher · View at Google Scholar · View at Scopus
  24. L. Himmelmann, Package ‘HMM’, 2015.
  25. M. P. J. van der Loo, “The stringdist package for approximate string matching,” The R Journal, vol. 6, no. 1, pp. 111–122, 2014. View at Google Scholar · View at Scopus
  26. S. Niwattanakul, J. Singthongchai, E. Naenudorn, and S. Wanapu, “Using of jaccard coefficient for keywords similarity,” International MultiConference Engineering Computer Science, pp. 380–384, 2013. View at Google Scholar · View at Scopus
  27. J.-P. van Brakel, “Peak signal detection in realtime timeseries data,” 2017, https://stackoverflow.com/a/22640362.