Insider Threat Detection and Prevention Protocol: ITDP

Authors

  • Amnat Sawatnatee, Rajaphat Chandrakasem University, Bangkok
  • Somchai Prakancharoen, King Mongkut's University of Technology North Bangkok

DOI:

https://doi.org/10.3991/ijoe.v17i02.18297

Keywords:

Insider threat, question-answering, computer usage behavior, rough set, binary logistic regression

Abstract


Insider threat is a severe problem for many computer departments, since insiders are authorized to perform assigned tasks and can therefore easily look for vulnerabilities in the organization's computer security. The “Insider Threat Detection and Prevention Protocol: ITDP” is designed to detect whether a requesting “IT user” is the authentic IT user who has been allocated rights to a particular application. The user’s knowledge and behavior are used to classify whether he is the real identified IT user or not. A statistical classification technique is used to predict whether the guest is authentic. The best classification technique is linear binary discriminant function analysis, with 98.3 percent accuracy in insider threat detection classification.

Author Biographies

Amnat Sawatnatee, Rajaphat Chandrakasem University, Bangkok

Faculty of Science

Somchai Prakancharoen, King Mongkut's University of Technology North Bangkok

Faculty of Applied Science

Department of Applied Computer Science

Published

2021-02-12

How to Cite

Sawatnatee, A., & Prakancharoen, S. (2021). Insider Threat Detection and Prevention Protocol: ITDP. International Journal of Online and Biomedical Engineering (iJOE), 17(02), pp. 69–89. https://doi.org/10.3991/ijoe.v17i02.18297

Issue

Section

Papers