Insider Threat Detection and Prevention Protocol: ITDP

Amnat Sawatnatee, Somchai Prakancharoen


Insider threat is a severe problem of many computer department since they have an authorized to do some assigned tasks. They can easily seek for any organizational computer security vulnerability. Protocol “Insider threat detection and prevention Protocol: ITDP” is designed to detect if a requesting “IT user” is authentic IT user whom has been allocated rights to particular application. User’s knowledge and his behavior are used to classify whether he is a real identified IT user or not. Statistical classification technique is used to predict if the guest is authentic. Best classification technique is linear binary discriminant function analysis with 98.3 percentage of accuracy in insider threat detection classification.


Insider threat, question-answering, computer usage behavior, rough set, binary logistic regression

Full Text:


International Journal of Online and Biomedical Engineering (iJOE) – eISSN: 2626-8493
Creative Commons License
Scopus logo Clarivate Analyatics ESCI logo IET Inspec logo DOAJ logo DBLP logo EBSCO logo Ulrich's logo Google Scholar logo MAS logo