{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T01:07:58Z","timestamp":1777338478608,"version":"3.51.4"},"publisher-location":"Singapore","reference-count":65,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819754885","type":"print"},{"value":"9789819754892","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-981-97-5489-2_10","type":"book-chapter","created":{"date-parts":[[2024,7,26]],"date-time":"2024-07-26T03:48:02Z","timestamp":1721965682000},"page":"106-122","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Insider Threat Defense Strategies: Survey and\u00a0Knowledge Integration"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7020-7603","authenticated-orcid":false,"given":"Chengyu","family":"Song","sequence":"first","affiliation":[]},{"given":"Jingjing","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Linru","family":"Ma","sequence":"additional","affiliation":[]},{"given":"Xinxin","family":"Hu","sequence":"additional","affiliation":[]},{"given":"Jianming","family":"Zheng","sequence":"additional","affiliation":[]},{"given":"Lin","family":"Yang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,7,27]]},"reference":[{"key":"10_CR1","doi-asserted-by":"crossref","unstructured":"Achleitner, S., Porta, T.L., McDaniel, P.D., et\u00a0al.: Cyber deception: virtual networks to defend insider reconnaissance. In: ACM CCS, pp. 57\u201368. ACM (2016)","DOI":"10.1145\/2995959.2995962"},{"key":"10_CR2","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2021.107597","volume":"97","author":"MN Al-Mhiqani","year":"2022","unstructured":"Al-Mhiqani, M.N., Ahmad, R., Abidin, Z.Z., et al.: A new intelligent multilayer framework for insider threat detection. Comput. Electr. Eng. 97, 107597 (2022)","journal-title":"Comput. Electr. Eng."},{"issue":"15","key":"10_CR3","doi-asserted-by":"publisher","first-page":"5208","DOI":"10.3390\/app10155208","volume":"10","author":"MN Al-Mhiqani","year":"2020","unstructured":"Al-Mhiqani, M.N., Ahmad, R., Zainal Abidin, Z., et al.: A review of insider threat detection: classification, machine learning techniques, datasets, open challenges, and recommendations. Appl. Sci. 10(15), 5208 (2020)","journal-title":"Appl. Sci."},{"key":"10_CR4","doi-asserted-by":"publisher","first-page":"118170","DOI":"10.1109\/ACCESS.2023.3326750","volume":"11","author":"T Al-Shehari","year":"2023","unstructured":"Al-Shehari, T., Al-Razgan, M.S., Alfakih, T., et al.: Insider threat detection model using anomaly-based isolation forest algorithm. IEEE Access 11, 118170\u2013118185 (2023)","journal-title":"IEEE Access"},{"key":"10_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"486","DOI":"10.1007\/11427995_47","volume-title":"Intelligence and Security Informatics","author":"B Aleman-Meza","year":"2005","unstructured":"Aleman-Meza, B., Burns, P., Eavenson, M., Palaniswami, D., Sheth, A.: An ontological approach to the document access problem of insider threat. In: Kantor, P., et al. (eds.) ISI 2005. LNCS, vol. 3495, pp. 486\u2013491. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11427995_47"},{"key":"10_CR6","doi-asserted-by":"publisher","first-page":"108965","DOI":"10.1109\/ACCESS.2022.3213645","volume":"10","author":"M Alohaly","year":"2022","unstructured":"Alohaly, M., Balogun, O., Takabi, D.: Integrating cyber deception into attribute-based access control (ABAC) for insider threat detection. IEEE Access 10, 108965\u2013108978 (2022)","journal-title":"IEEE Access"},{"key":"10_CR7","doi-asserted-by":"crossref","unstructured":"Althebyan, Q., Panda, B.: A knowledge-base model for insider threat prediction. In: 2007 IEEE SMC Information Assurance and Security Workshop, pp. 239\u2013246. IEEE (2007)","DOI":"10.1109\/IAW.2007.381939"},{"key":"10_CR8","unstructured":"Anderson, J.P.: Computer security threat monitoring and surveillance. Technical report, James P. Anderson Company (1980)"},{"key":"10_CR9","series-title":"Advances in Information Security","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-0-387-77322-3_1","volume-title":"Insider Attack and Cyber Security - Beyond the Hacker","author":"SM Bellovin","year":"2008","unstructured":"Bellovin, S.M.: The insider attack problem nature and scope. In: Stolfo, S.J., Bellovin, S.M., Keromytis, A.D., Hershkop, S., Smith, S.W., Sinclair, S. (eds.) Insider Attack and Cyber Security - Beyond the Hacker. Advances in Information Security, vol. 39, pp. 1\u20134. Springer, Boston (2008). https:\/\/doi.org\/10.1007\/978-0-387-77322-3_1"},{"key":"10_CR10","doi-asserted-by":"crossref","unstructured":"Bhatia, S., Hooi, B., Yoon, M., et\u00a0al.: Midas: microcluster-based detector of anomalies in edge streams. In: IAAI, pp. 3242\u20133249. AAAI Press (2020)","DOI":"10.1609\/aaai.v34i04.5724"},{"key":"10_CR11","doi-asserted-by":"crossref","unstructured":"Bishop, M., Engle, S., Peisert, S., et\u00a0al.: We have met the enemy and he is us. In: Proceedings of the 2008 Workshop on New Security Paradigms, Lake Tahoe, CA, USA, 22\u201325 September 2008, pp. 1\u201312. ACM (2008)","DOI":"10.1145\/1595676.1595678"},{"issue":"6","key":"10_CR12","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1109\/MSP.2009.109","volume":"7","author":"BM Bowen","year":"2009","unstructured":"Bowen, B.M., Salem, M.B., Hershkop, S., et al.: Designing host and network sensors to mitigate the insider threat. IEEE Secur. Priv. 7(6), 22\u201329 (2009)","journal-title":"IEEE Secur. Priv."},{"key":"10_CR13","unstructured":"Bowman, B., Laprade, C., Ji, Y., Huang, H.H.: Detecting lateral movement in enterprise computer networks with unsupervised graph AI. In: 23rd International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2020, San Sebastian, Spain, 14\u201315 October 2020, pp. 257\u2013268. USENIX Association (2020)"},{"key":"10_CR14","doi-asserted-by":"crossref","unstructured":"Cai, L., Chen, Z., Luo, C., et\u00a0al.: Structural temporal graph neural networks for anomaly detection in dynamic graphs. In: Proceedings of the 30th ACM International Conference on Information & Knowledge Management, pp. 3747\u20133756 (2021)","DOI":"10.1145\/3459637.3481955"},{"issue":"3","key":"10_CR15","doi-asserted-by":"publisher","first-page":"919","DOI":"10.1016\/j.eswa.2013.08.022","volume":"41","author":"B Cami\u00f1a","year":"2014","unstructured":"Cami\u00f1a, B., Hern\u00e1ndez-Gracidas, C.A., Monroy, R., Trejo, L.A.: The windows-users and -intruder simulations logs dataset (WUIL): an experimental framework for masquerade detection mechanisms. Expert Syst. Appl. 41(3), 919\u2013930 (2014)","journal-title":"Expert Syst. Appl."},{"issue":"4","key":"10_CR16","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1016\/S1353-4858(20)30042-8","volume":"2020","author":"P Chapman","year":"2020","unstructured":"Chapman, P.: Are your it staff ready for the pandemic-driven insider threat? Netw. Secur. 2020(4), 8\u201311 (2020)","journal-title":"Netw. Secur."},{"key":"10_CR17","unstructured":"Collins, M., et al.: Common sense guide to mitigating insider threats. The CERT Insider Threat Center, Technical report CMU\/SEI-2015-TR-010 (2016)"},{"key":"10_CR18","series-title":"Advances in Information Security","doi-asserted-by":"publisher","first-page":"173","DOI":"10.1007\/978-1-4419-7133-3_8","volume-title":"Insider Threats in Cyber Security","author":"J Crampton","year":"2010","unstructured":"Crampton, J., Huth, M.: Towards an access-control framework for countering insider threats. In: Probst, C., Hunker, J., Gollmann, D., Bishop, M. (eds.) Insider Threats in Cyber Security. Advances in Information Security, vol. 49, pp. 173\u2013195. Springer, Boston (2010). https:\/\/doi.org\/10.1007\/978-1-4419-7133-3_8"},{"key":"10_CR19","doi-asserted-by":"crossref","unstructured":"Desmedt, Y., Shaghaghi, A.: Function-based access control (FBAC): from access control matrix to access control tensor. In: CCS, pp. 89\u201392. ACM (2016)","DOI":"10.1145\/2995959.2995974"},{"key":"10_CR20","unstructured":"Eom, J.H., Park, M.W., Park, S.H., et\u00a0al.: A framework of defense system for prevention of insider\u2019s malicious behaviors. In: ICACT 2011, pp. 982\u2013987. IEEE (2011)"},{"key":"10_CR21","doi-asserted-by":"crossref","unstructured":"Fei, K., Zhou, J., Su, L., et\u00a0al.: A graph convolution neural network based method for insider threat detection. In: 2022 IEEE International Conference on Parallel, pp. 66\u201373 (2022)","DOI":"10.1109\/ISPA-BDCloud-SocialCom-SustainCom57177.2022.00016"},{"key":"10_CR22","unstructured":"Garchery, M., Granitzer, M.: ADSAGE: anomaly detection in sequences of attributed graph edges applied to insider threat detection at fine-grained level. CoRR abs\/2007.06985 (2020). https:\/\/arxiv.org\/abs\/2007.06985"},{"issue":"4","key":"10_CR23","first-page":"706","volume":"62","author":"A Georgiadou","year":"2022","unstructured":"Georgiadou, A., Mouzakitis, S., Askounis, D.: Detecting insider threat via a cyber-security culture framework. J. Comput. Inf. Syst. 62(4), 706\u2013716 (2022)","journal-title":"J. Comput. Inf. Syst."},{"key":"10_CR24","doi-asserted-by":"crossref","unstructured":"Glasser, J., Lindauer, B.: Bridging the gap: a pragmatic approach to generating insider threat data. In: 2013 IEEE Symposium on Security and Privacy Workshops, San Francisco, CA, USA, 23\u201324 May 2013, pp. 98\u2013104. IEEE Computer Society (2013)","DOI":"10.1109\/SPW.2013.37"},{"key":"10_CR25","doi-asserted-by":"crossref","unstructured":"Harilal, A., Toffalini, F., Castellanos, J.H., et\u00a0al.: TWOS: a dataset of malicious insider threat behavior based on a gamified competition. In: Proceedings of the 2017 International Workshop on Managing Insider Security Threats, Dallas, TX, USA, 30 October\u201303 November 2017, pp. 45\u201356. ACM (2017)","DOI":"10.1145\/3139923.3139929"},{"key":"10_CR26","unstructured":"Harilal, A., Toffalini, F., Homoliak, I., et\u00a0al.: The wolf of SUTD (TWOS): a dataset of malicious insider threat behavior based on a gamified competition. J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl. 9(1), 54\u201385 (2018)"},{"key":"10_CR27","doi-asserted-by":"crossref","unstructured":"Helman, P., Liepins, G.E., Richards, W.: Foundations of intrusion detection. In: 5th IEEE Computer Security Foundations Workshop - CSFW 1992, Franconia, New Hampshire, USA, 16\u201318 June 1992, Proceedings, pp. 114\u2013120. IEEE Computer Society (1992)","DOI":"10.1109\/CSFW.1992.236783"},{"key":"10_CR28","doi-asserted-by":"crossref","unstructured":"Homoliak, I., Toffalini, F., Guarnizo, J., et\u00a0al.: Insight into insiders and IT: a survey of insider threat taxonomies, analysis, modeling, and countermeasures. ACM Comput. Surv. 52(2), 30:1\u201330:40 (2019)","DOI":"10.1145\/3303771"},{"key":"10_CR29","doi-asserted-by":"publisher","first-page":"29696","DOI":"10.1109\/ACCESS.2021.3058528","volume":"9","author":"TT Huong","year":"2021","unstructured":"Huong, T.T., et al.: Lockedge: low-complexity cyberattack detection in IoT edge computing. IEEE Access 9, 29696\u201329710 (2021)","journal-title":"IEEE Access"},{"key":"10_CR30","doi-asserted-by":"crossref","unstructured":"Santos Jr., E., Nguyen, H., Yu, F., et\u00a0al.: Intent-driven insider threat detection in intelligence analysis. In: Proceedings of the 2008 IEEE\/WIC\/ACM International Conference on Intelligent Agent Technology, Sydney, NSW, Australia, 9\u201312 December 2008, pp. 345\u2013349. IEEE Computer Society (2008)","DOI":"10.1109\/WIIAT.2008.376"},{"key":"10_CR31","unstructured":"Kellett, A.: Vormetric insider threat report (2015). https:\/\/enterprise-encryption.vormetric.com\/rs\/vormetric\/images\/CW_GlobalReport_2015_Insider_threat_Vormetric_Single_Pages_010915.pdf. Accessed 25 Dec 2023"},{"key":"10_CR32","unstructured":"Kim, A., Oh, J., Ryu, J., Lee, J., Kwon, K., Lee, K.: SoK: a systematic review of insider threat detection. J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl. 10(4), 46\u201367 (2019)"},{"key":"10_CR33","unstructured":"Kim, A., Oh, J., Ryu, J., et\u00a0al.: SoK: a systematic review of insider threat detection. J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl. 10(4), 46\u201367 (2019)"},{"key":"10_CR34","doi-asserted-by":"publisher","first-page":"78847","DOI":"10.1109\/ACCESS.2020.2990195","volume":"8","author":"A Kim","year":"2020","unstructured":"Kim, A., Oh, J., Ryu, J., et al.: A review of insider threat detection approaches with IoT perspective. IEEE Access 8, 78847\u201378867 (2020)","journal-title":"IEEE Access"},{"issue":"2","key":"10_CR35","doi-asserted-by":"publisher","first-page":"1152","DOI":"10.1109\/TNSM.2021.3071928","volume":"18","author":"DC Le","year":"2021","unstructured":"Le, D.C., Zincir-Heywood, N.: Anomaly detection for insider threats using unsupervised ensembles. IEEE Trans. Netw. Serv. Manage. 18(2), 1152\u20131164 (2021)","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"issue":"1","key":"10_CR36","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1109\/TNSM.2020.2967721","volume":"17","author":"DC Le","year":"2020","unstructured":"Le, D.C., Zincir-Heywood, N., Heywood, M.I.: Analyzing data granularity levels for insider threat detection using machine learning. IEEE Trans. Netw. Serv. Manage. 17(1), 30\u201344 (2020)","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"issue":"8","key":"10_CR37","doi-asserted-by":"publisher","first-page":"685","DOI":"10.1016\/S0167-4048(03)00007-5","volume":"22","author":"J Leach","year":"2003","unstructured":"Leach, J.: Improving user security behaviour. Comput. Secur. 22(8), 685\u2013692 (2003)","journal-title":"Comput. Secur."},{"key":"10_CR38","first-page":"1","volume":"2021","author":"D Li","year":"2021","unstructured":"Li, D., Yang, L., Zhang, H., Wang, X., Ma, L., Xiao, J.: Image-based insider threat detection via geometric transformation. Secur. Commun. Netw. 2021, 1\u201318 (2021)","journal-title":"Secur. Commun. Netw."},{"key":"10_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-03549-4_1","volume-title":"Financial Cryptography and Data Security","author":"D Liu","year":"2009","unstructured":"Liu, D., Wang, X.F., Camp, L.J.: Mitigating inadvertent insider threats with incentives. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 1\u201316. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-03549-4_1"},{"key":"10_CR40","doi-asserted-by":"crossref","unstructured":"Liu, F., Wen, Y., Zhang, D., et\u00a0al.: Log2vec: a heterogeneous graph embedding based approach for detecting cyber threats within enterprise. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, London, UK, 11\u201315 November 2019, pp. 1777\u20131794. ACM (2019)","DOI":"10.1145\/3319535.3363224"},{"issue":"2","key":"10_CR41","doi-asserted-by":"publisher","first-page":"1397","DOI":"10.1109\/COMST.2018.2800740","volume":"20","author":"L Liu","year":"2018","unstructured":"Liu, L., De Vel, O., Han, Q.L., Zhang, J., Xiang, Y.: Detecting and preventing cyber insider threats: a survey. IEEE Commun. Surv. Tutor. 20(2), 1397\u20131417 (2018)","journal-title":"IEEE Commun. Surv. Tutor."},{"issue":"2","key":"10_CR42","doi-asserted-by":"publisher","first-page":"1397","DOI":"10.1109\/COMST.2018.2800740","volume":"20","author":"L Liu","year":"2018","unstructured":"Liu, L., de Vel, O.Y., Han, Q., et al.: Detecting and preventing cyber insider threats: a survey. IEEE Commun. Surv. Tutor. 20(2), 1397\u20131417 (2018)","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"10_CR43","unstructured":"Cybercrime Magazine: State of cybercrime 2017: Security events decline, but not the impact (2017). https:\/\/www.csoonline.com\/article\/562433\/state-of-cybercrime-2017-security-events-decline-but-not-the-impact.html. Accessed 25 Dec 2023"},{"key":"10_CR44","unstructured":"Magklaras, G., Furnell, S.: The insider threat prediction and specification language. In: Ninth International Network Conference (INC 2012), Port Elizabeth, South Africa, 11\u201312 July 2012, Proceedings, pp. 51\u201361. University of Plymouth (2012)"},{"key":"10_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1007\/978-3-540-74320-0_8","volume-title":"Recent Advances in Intrusion Detection","author":"MA Maloof","year":"2007","unstructured":"Maloof, M.A., Stephens, G.D.: elicit: a system for detecting insiders who violate need-to-know. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol. 4637, pp. 146\u2013166. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-74320-0_8"},{"key":"10_CR46","unstructured":"Mathew, S., Upadhyaya, S.J., Ha, D.T., et\u00a0al.: Insider abuse comprehension through capability acquisition graphs. In: FUSION, pp.\u00a01\u20138. IEEE (2008)"},{"key":"10_CR47","doi-asserted-by":"publisher","first-page":"143266","DOI":"10.1109\/ACCESS.2021.3118297","volume":"9","author":"R Nasir","year":"2021","unstructured":"Nasir, R., Afzal, M., Latif, R., Iqbal, W.: Behavioral based insider threat detection using deep learning. IEEE Access 9, 143266\u2013143274 (2021)","journal-title":"IEEE Access"},{"key":"10_CR48","doi-asserted-by":"crossref","unstructured":"Osterritter, L., Carley, K.M.: Conversations around organizational risk and insider threat. In: Proceedings of the 2021 IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining, pp. 613\u2013621 (2021)","DOI":"10.1145\/3487351.3492721"},{"key":"10_CR49","doi-asserted-by":"crossref","unstructured":"Raut, M., Dhavale, S., Singh, A., Mehra, A.: Insider threat detection using deep learning: a review. In: 2020 3rd International Conference on Intelligent Sustainable Systems (ICISS), pp. 856\u2013863. IEEE (2020)","DOI":"10.1109\/ICISS49785.2020.9315932"},{"key":"10_CR50","doi-asserted-by":"publisher","unstructured":"Roberts, S.C., Holodnak, J.T., Nguyen, T., Yuditskaya, S., Milosavljevic, M., Streilein, W.W.: A model-based approach to predicting the performance of insider threat detection systems. In: 2016 IEEE Security and Privacy Workshops (SPW), pp. 314\u2013323 (2016). https:\/\/doi.org\/10.1109\/SPW.2016.14","DOI":"10.1109\/SPW.2016.14"},{"key":"10_CR51","series-title":"Advances in Information Security","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-0-387-77322-3_5","volume-title":"Insider Attack and Cyber Security - Beyond the Hacker","author":"MB Salem","year":"2008","unstructured":"Salem, M.B., Hershkop, S., Stolfo, S.J.: A survey of insider attack detection research. In: Stolfo, S.J., Bellovin, S.M., Keromytis, A.D., Hershkop, S., Smith, S.W., Sinclair, S. (eds.) Insider Attack and Cyber Security - Beyond the Hacker. Advances in Information Security, vol. 39, pp. 69\u201390. Springer, Boston (2008). https:\/\/doi.org\/10.1007\/978-0-387-77322-3_5"},{"key":"10_CR52","doi-asserted-by":"publisher","first-page":"65703","DOI":"10.1109\/ACCESS.2022.3183083","volume":"10","author":"S Salloum","year":"2022","unstructured":"Salloum, S., Gaber, T., Vadera, S., Shaalan, K.: A systematic literature review on phishing email detection using natural language processing techniques. IEEE Access 10, 65703\u201365727 (2022)","journal-title":"IEEE Access"},{"key":"10_CR53","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40537-020-00318-5","volume":"7","author":"IH Sarker","year":"2020","unstructured":"Sarker, I.H., Kayes, A., Badsha, S., et al.: Cybersecurity data science: an overview from machine learning perspective. J. Big Data 7, 1\u201329 (2020)","journal-title":"J. Big Data"},{"key":"10_CR54","unstructured":"Schoenherr, J.R., Lilja-Lolax, K., Gioe, D.: Multiple approach paths to insider threat (map-it): intentional, ambivalent and unintentional insider threats. Counter-Insider Threat Res. Pract. 1(1) (2022)"},{"issue":"2","key":"10_CR55","doi-asserted-by":"publisher","first-page":"1","DOI":"10.4018\/IJCWT.2020040101","volume":"10","author":"NM Sheykhkanloo","year":"2020","unstructured":"Sheykhkanloo, N.M., Hall, A.J.: Insider threat detection using supervised machine learning algorithms on an extremely imbalanced dataset. Int. J. Cyber Warf. Terror. 10(2), 1\u201326 (2020)","journal-title":"Int. J. Cyber Warf. Terror."},{"key":"10_CR56","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"559","DOI":"10.1007\/978-981-15-6318-8_45","volume-title":"Machine Learning, Image Processing, Network Security and Data Sciences","author":"M Singh","year":"2020","unstructured":"Singh, M., Mehtre, B.M., Sangeetha, S.: Insider threat detection based on user behaviour analysis. In: Bhattacharjee, A., Borgohain, S.K., Soni, B., Verma, G., Gao, X.-Z. (eds.) MIND 2020. CCIS, vol. 1241, pp. 559\u2013574. Springer, Singapore (2020). https:\/\/doi.org\/10.1007\/978-981-15-6318-8_45"},{"issue":"4","key":"10_CR57","doi-asserted-by":"publisher","first-page":"441","DOI":"10.2307\/249551","volume":"22","author":"DW Straub","year":"1998","unstructured":"Straub, D.W., Welke, R.J.: Coping with systems risk: security planning models for management decision making. MIS Q. 22(4), 441\u2013469 (1998)","journal-title":"MIS Q."},{"key":"10_CR58","doi-asserted-by":"crossref","unstructured":"Vance, A., Molyneux, B., Lowry, P.B.: Reducing unauthorized access by insiders through user interface design: making end users accountable. In: HICSS-45, pp. 4623\u20134632. IEEE Computer Society (2012)","DOI":"10.1109\/HICSS.2012.499"},{"key":"10_CR59","doi-asserted-by":"crossref","unstructured":"Vlajic, N., Petrovic, S., Cianfarani, G.: PIRAT - tool for automated cyber-risk assessment of PLC components & systems deploying NVD CVE & MITRE ATT &CK databases. In: ICCPS, pp. 237\u2013238. ACM (2023)","DOI":"10.1145\/3576841.3589614"},{"issue":"24","key":"10_CR60","doi-asserted-by":"publisher","first-page":"13021","DOI":"10.3390\/app132413021","volume":"13","author":"J Wang","year":"2023","unstructured":"Wang, J., Sun, Q., Zhou, C.: Insider threat detection based on deep clustering of multi-source behavioral events. Appl. Sci. 13(24), 13021 (2023)","journal-title":"Appl. Sci."},{"key":"10_CR61","volume":"38","author":"Y Wei","year":"2021","unstructured":"Wei, Y., Chow, K.P., Yiu, S.M.: Insider threat prediction based on unsupervised anomaly detection scheme for proactive forensic investigation. Forensic Sci. Int. Digit. Invest. 38, 301126 (2021)","journal-title":"Forensic Sci. Int. Digit. Invest."},{"issue":"1","key":"10_CR62","doi-asserted-by":"publisher","first-page":"1","DOI":"10.25300\/MISQ\/2013\/37.1.01","volume":"37","author":"R Willison","year":"2013","unstructured":"Willison, R., Warkentin, M.: Beyond deterrence: an expanded view of employee computer abuse. MIS Q. 37(1), 1\u201320 (2013)","journal-title":"MIS Q."},{"key":"10_CR63","doi-asserted-by":"crossref","unstructured":"Yu, H., Li, A., Jiang, R.: Needle in a haystack: attack detection from large-scale system audit. In: 19th IEEE International Conference on Communication Technology, ICCT 2019, Xi\u2019an, China, 16\u201319 October 2019, pp. 1418\u20131426. IEEE (2019)","DOI":"10.1109\/ICCT46805.2019.8947201"},{"key":"10_CR64","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102221","volume":"104","author":"S Yuan","year":"2021","unstructured":"Yuan, S., Wu, X.: Deep learning for insider threat detection: review, challenges and opportunities. Comput. Secur. 104, 102221 (2021)","journal-title":"Comput. Secur."},{"key":"10_CR65","doi-asserted-by":"crossref","unstructured":"Yuan, S., Zheng, P., Wu, X., Tong, H.: Few-shot insider threat detection. In: Proceedings of the 29th ACM International Conference on Information & Knowledge Management, pp. 2289\u20132292 (2020)","DOI":"10.1145\/3340531.3412161"}],"container-title":["Lecture Notes in Computer Science","Knowledge Science, Engineering and Management"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-97-5489-2_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,24]],"date-time":"2024-11-24T21:27:58Z","timestamp":1732483678000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-97-5489-2_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9789819754885","9789819754892"],"references-count":65,"URL":"https:\/\/doi.org\/10.1007\/978-981-97-5489-2_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"27 July 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"KSEM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Knowledge Science, Engineering and Management","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Birmingham","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"United Kingdom","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 August 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 August 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ksem2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/ai-edge.net\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}