{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T21:38:06Z","timestamp":1773524286060,"version":"3.50.1"},"reference-count":159,"publisher":"Springer Science and Business Media LLC","issue":"24","license":[{"start":{"date-parts":[[2024,10,4]],"date-time":"2024-10-04T00:00:00Z","timestamp":1728000000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,10,4]],"date-time":"2024-10-04T00:00:00Z","timestamp":1728000000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Multimed Tools Appl"],"DOI":"10.1007\/s11042-024-20273-0","type":"journal-article","created":{"date-parts":[[2024,10,4]],"date-time":"2024-10-04T07:02:35Z","timestamp":1728025355000},"page":"28909-28949","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Machine learning approaches to detect, prevent and mitigate malicious insider threats: State-of-the-art review"],"prefix":"10.1007","volume":"84","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3439-8139","authenticated-orcid":false,"given":"Ayshwarya","family":"Jaiswal","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pragya","family":"Dwivedi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rupesh Kumar","family":"Dewang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,10,4]]},"reference":[{"issue":"10","key":"20273_CR1","doi-asserted-by":"publisher","first-page":"1258","DOI":"10.3390\/e23101258","volume":"23","author":"T Al-Shehari","year":"2021","unstructured":"Al-Shehari T, Alsowail RA (2021) An insider data leakage detection using one-hot encoding, synthetic minority oversampling and machine learning techniques. Entropy 23(10):1258","journal-title":"Entropy"},{"issue":"1","key":"20273_CR2","doi-asserted-by":"publisher","first-page":"103877","DOI":"10.1016\/j.im.2023.103877","volume":"61","author":"K Renaud","year":"2024","unstructured":"Renaud K, Warkentin M, Pogrebna G, Schyff K (2024) Vista: an inclusive insider threat taxonomy, with mitigation strategies. Inf Manag 61(1):103877","journal-title":"Inf Manag"},{"key":"20273_CR3","unstructured":"Le DC, Zincir-Heywood AN (2019) Machine learning based insider threat modelling and detection. IEEE"},{"key":"20273_CR4","doi-asserted-by":"publisher","first-page":"103350","DOI":"10.1016\/j.cose.2023.103350","volume":"132","author":"B Racherache","year":"2023","unstructured":"Racherache B, Shirani P, Soeanu A, Debbabi M (2023) Cpid: insider threat detection using profiling and cyber-persona identification. Comput Secur 132:103350","journal-title":"Comput Secur"},{"issue":"2","key":"20273_CR5","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1057\/sj.2012.1","volume":"26","author":"DS Wall","year":"2013","unstructured":"Wall DS (2013) Enemies within: redefining the insider threat in organizational security policy. Secur J 26(2):107\u2013124","journal-title":"Secur J"},{"issue":"3","key":"20273_CR6","doi-asserted-by":"publisher","first-page":"660","DOI":"10.1109\/TCSS.2018.2857473","volume":"5","author":"P Chattopadhyay","year":"2018","unstructured":"Chattopadhyay P, Wang L, Tan YP (2018) Scenario-based insider threat detection from cyber activities. IEEE Trans Comput Soc Syst 5(3):660\u2013675","journal-title":"IEEE Trans Comput Soc Syst"},{"issue":"2","key":"20273_CR7","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1109\/EMR.2019.2914612","volume":"47","author":"FL Greitzer","year":"2019","unstructured":"Greitzer FL, Purl J, Leong YM, Sticha PJ (2019) Positioning your organization to respond to insider threats. IEEE Eng Manag Rev 47(2):75\u201383","journal-title":"IEEE Eng Manag Rev"},{"issue":"14s","key":"20273_CR8","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3582077","volume":"55","author":"M-H Chung","year":"2023","unstructured":"Chung M-H, Yang Y, Wang L, Cento G, Jerath K, Raman A, Lie D, Chignell MH (2023) Implementing data exfiltration defense in situ: a survey of countermeasures and human involvement. ACM Comput Surv 55(14s):1\u201337","journal-title":"ACM Comput Surv"},{"key":"20273_CR9","doi-asserted-by":"crossref","unstructured":"Bishop M, Engle S, Frincke DA, Gates C, Greitzer FL, Peisert S, Whalen S (2010) A risk management approach to the \u201cinsider threat.\u201d Insider Threats in Cyber Security. MA. Springer, Boston, pp 115\u2013137","DOI":"10.1007\/978-1-4419-7133-3_6"},{"issue":"4","key":"20273_CR10","first-page":"706","volume":"62","author":"A Georgiadou","year":"2022","unstructured":"Georgiadou A, Mouzakitis S, Askounis D (2022) Detecting insider threat via a cyber-security culture framework. J Comput Inf Syst 62(4):706\u2013716","journal-title":"J Comput Inf Syst"},{"key":"20273_CR11","doi-asserted-by":"crossref","unstructured":"Al-Shehari T, Alsowail RA (2022) Random resampling algorithms for addressing the imbalanced dataset classes in insider threat detection. Int J Inf Secur 1\u201319","DOI":"10.1007\/s10207-022-00651-1"},{"issue":"9","key":"20273_CR12","doi-asserted-by":"publisher","first-page":"1460","DOI":"10.3390\/electronics9091460","volume":"9","author":"N Saxena","year":"2020","unstructured":"Saxena N, Hayes E, Bertino E, Ojo P, Choo KKR, Burnap P (2020) Impact and key challenges of insider threats on organizations and critical businesses. Electronics 9(9):1460","journal-title":"Electronics"},{"issue":"6","key":"20273_CR13","first-page":"1101","volume":"62","author":"E Machado de Sousa","year":"2022","unstructured":"Machado de Sousa E, Shahzad A (2022) Data loss prevention from a malicious insider. J Comput Inf Syst 62(6):1101\u20131111","journal-title":"J Comput Inf Syst"},{"key":"20273_CR14","volume-title":"Common Sense Guide to Mitigating Insider Threats","author":"M Collins","year":"2016","unstructured":"Collins M (2016) Common Sense Guide to Mitigating Insider Threats. Carnegie-Mellon Univ, Pittsburgh, United States"},{"key":"20273_CR15","unstructured":"Morrow S (2020) 8 of the world\u2019s biggest insider threat security incidents. https:\/\/resources.infosecinstitute.com\/topic\/8-of-the-worlds-biggest-insider-threat-security-incidents\/"},{"key":"20273_CR16","unstructured":"exabeam: Insider Threat Examples: 3 Famous Cases and 4 Preventive Measures. https:\/\/www.exabeam.com\/explainers\/insider-threat\/insider-threat-examples\/"},{"key":"20273_CR17","first-page":"19","volume-title":"Insider threat detection: machine learning way","author":"MS Raval","year":"2018","unstructured":"Raval MS, Gandhi R, Chaudhary S (2018) Insider threat detection: machine learning way. Versatile Cybersecurity, Cham, pp 19\u201353"},{"issue":"4","key":"20273_CR18","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-031-01890-9","volume":"4","author":"E Bertino","year":"2012","unstructured":"Bertino E (2012) Data protection from insider threats. Synth Lect Data Manag 4(4):1\u201391","journal-title":"Synth Lect Data Manag"},{"key":"20273_CR19","unstructured":"Securonix (2024) Cybersecurity Insiders: Trends challenges and solutions. https:\/\/www.securonix.com\/wp-content\/uploads\/2024\/01\/2024-Insider-Threat-Report-Securonix-final.pdf"},{"key":"20273_CR20","first-page":"1","volume":"3","author":"K Sebastian","year":"2019","unstructured":"Sebastian K (2019) Distinguishing between the strains grounded theory: classical, interpretive and constructivist. J Soc Thought 3:1","journal-title":"J Soc Thought"},{"key":"20273_CR21","doi-asserted-by":"publisher","first-page":"78385","DOI":"10.1109\/ACCESS.2020.2989739","volume":"8","author":"RA Alsowail","year":"2020","unstructured":"Alsowail RA, Al-Shehari T (2020) Empirical detection techniques of insider threat incidents. IEEE Access 8:78385\u201378402","journal-title":"IEEE Access"},{"key":"20273_CR22","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1016\/j.isatra.2023.06.030","volume":"141","author":"W Hong","year":"2023","unstructured":"Hong W, Yin J, You M, Wang H, Cao J, Li J, Liu M, Man C (2023) A graph empowered insider threat detection framework based on daily activities. ISA Trans 141:84\u201392","journal-title":"ISA Trans"},{"issue":"1","key":"20273_CR23","first-page":"1","volume":"3","author":"P Zheng","year":"2021","unstructured":"Zheng P, Yuan S, Wu X (2021) Using dirichlet marked hawkes processes for insider threat detection. Digit Threats Res Pract (DTRAP) 3(1):1\u201319","journal-title":"Digit Threats Res Pract (DTRAP)"},{"issue":"11","key":"20273_CR24","doi-asserted-by":"publisher","first-page":"1612","DOI":"10.1093\/comjnl\/bxw020","volume":"59","author":"MJ Alhanahnah","year":"2016","unstructured":"Alhanahnah MJ, Jhumka A, Alouneh S (2016) A multidimension taxonomy of insider threats in cloud computing. Comput J 59(11):1612\u20131622","journal-title":"Comput J"},{"issue":"2","key":"20273_CR25","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3303771","volume":"52","author":"I Homoliak","year":"2019","unstructured":"Homoliak I, Toffalini F, Guarnizo J, Elovici Y, Ochoa M (2019) Insight into insiders and it: a survey of insider threat taxonomies, analysis, modeling, and countermeasures. ACM Comput Surv (CSUR) 52(2):1\u201340","journal-title":"ACM Comput Surv (CSUR)"},{"key":"20273_CR26","doi-asserted-by":"crossref","unstructured":"Masood A, Masood A (2021) A taxonomy of insider threat in isolated (air-gapped) computer networks. In: 2021 International Bhurban Conference on Applied Sciences and Technologies (IBCAST), pp 678\u2013685. IEEE","DOI":"10.1109\/IBCAST51254.2021.9393281"},{"key":"20273_CR27","doi-asserted-by":"crossref","unstructured":"Rashid T, Agrafiotis I, Nurse JR (2016) A new take on detecting insider threats: exploring the use of hidden markov models. In: Proceedings of the 8th ACM CCS international workshop on managing insider security threats, pp 47\u201356","DOI":"10.1145\/2995959.2995964"},{"issue":"10759","key":"20273_CR28","first-page":"7","volume":"97","author":"MN Al-Mhiqani","year":"2022","unstructured":"Al-Mhiqani MN, Ahmad R, Abidin ZZ, Abdulkareem KH, Mohammed MA, Gupta D, Shankar K (2022) A new intelligent multilayer framework for insider threat detection. Comput Electr Eng 97(10759):7","journal-title":"Comput Electr Eng"},{"key":"20273_CR29","doi-asserted-by":"crossref","unstructured":"Le DC, Zincir-Heywood AN (2018) Evaluating insider threat detection workflow using supervised and unsupervised learning. In: IEEE Security and Privacy Workshops (SPW). IEEE, pp 270\u2013275","DOI":"10.1109\/SPW.2018.00043"},{"key":"20273_CR30","doi-asserted-by":"crossref","unstructured":"Le DC, Zincir-Heywood AN, Heywood MI (2019) Dynamic insider threat detection based on adaptable genetic programming. In: IEEE Symposium Series on Computational Intelligence (SSCI). IEEE, pp 2579\u20132586","DOI":"10.1109\/SSCI44817.2019.9003134"},{"key":"20273_CR31","doi-asserted-by":"crossref","unstructured":"Aldairi M, Karimi L, Joshi J (2019) A trust aware unsupervised learning approach for insider threat detection. IEEE","DOI":"10.1109\/IRI.2019.00027"},{"key":"20273_CR32","unstructured":"Emmott A, Das S, Dietterich T, Fern A, Wong WK (2015) A meta-analysis of the anomaly detection problem. Preprint"},{"key":"20273_CR33","doi-asserted-by":"crossref","unstructured":"Lo O, Buchanan WJ, Griffiths P, Macfarlane R (2018) Distance measurement methods for improved insider threat detection. Secur Commun Netw","DOI":"10.1155\/2018\/5906368"},{"key":"20273_CR34","doi-asserted-by":"crossref","unstructured":"Lv Q, Wang Y, Wang L, Wang D (2018) Towards a user and role-based behavior analysis method for insider threat detection. In: International conference on network infrastructure and digital content (IC-NIDC). IEEE","DOI":"10.1109\/ICNIDC.2018.8525804"},{"key":"20273_CR35","doi-asserted-by":"crossref","unstructured":"Ferreira P, Le DC, Zincir-Heywood N (2019) Exploring feature normalization and temporal information for machine learning based insider threat detection. In: 15th International Conference on Network and Service Management (CNSM). IEEE","DOI":"10.23919\/CNSM46954.2019.9012708"},{"issue":"10851","key":"20273_CR36","first-page":"9","volume":"105","author":"S Asha","year":"2023","unstructured":"Asha S, Shanmugapriya D, Padmavathi G (2023) Malicious insider threat detection using variation of sampling methods for anomaly detection in cloud environment. Comput Electr Eng 105(10851):9","journal-title":"Comput Electr Eng"},{"issue":"30112","key":"20273_CR37","first-page":"6","volume":"38","author":"Y Wei","year":"2021","unstructured":"Wei Y, Chow KP, Yiu SM (2021) Insider threat prediction based on unsupervised anomaly detection scheme for proactive forensic investigation. Forensic Scie Int Digit Investig 38(30112):6","journal-title":"Forensic Scie Int Digit Investig"},{"key":"20273_CR38","doi-asserted-by":"crossref","unstructured":"Huang W, Zhu H, Li C, Lv Q, Wang Y, Yang H (2021) ITDBERT: temporal-semantic representation for insider threat detection. In: IEEE Symposium on Computers and Communications (ISCC). IEEE","DOI":"10.1109\/ISCC53001.2021.9631538"},{"issue":"10306","key":"20273_CR39","first-page":"6","volume":"126","author":"M AlSlaiman","year":"2023","unstructured":"AlSlaiman M, Salman MI, Saleh MM, Wang B (2023) Enhancing false negative and positive rates for efficient insider threat detection. Comput Secur 126(10306):6","journal-title":"Comput Secur"},{"key":"20273_CR40","doi-asserted-by":"crossref","unstructured":"Yuan F, Cao Y, Shang Y, Liu Y, Tan J, Fang B (2018) Insider threat detection with deep neural network","DOI":"10.1007\/978-3-319-93698-7_4"},{"key":"20273_CR41","doi-asserted-by":"crossref","unstructured":"Lu J, Wong RK (2019) Insider threat detection with long short-term memory. In: Proceedings of the Australasian computer science week multiconference, pp 1\u201310","DOI":"10.1145\/3290688.3290692"},{"key":"20273_CR42","doi-asserted-by":"crossref","unstructured":"Sharma B, Pokharel P, Joshi B (2020) User behavior analytics for anomaly detection using LSTM autoencoder-insider threat detection. In: Proceedings of the 11th international conference on advances in information technology","DOI":"10.1145\/3406601.3406610"},{"key":"20273_CR43","doi-asserted-by":"crossref","unstructured":"Yuan F, Shang Y, Liu Y, Cao Y, Tan J (2019) Attention-based LSTM for insider threat detection. In: International conference on applications and techniques in information security. Singapore","DOI":"10.1007\/978-981-15-0871-4_15"},{"key":"20273_CR44","doi-asserted-by":"publisher","first-page":"351","DOI":"10.1016\/j.eswa.2019.05.043","volume":"135","author":"C Soh","year":"2019","unstructured":"Soh C, Yu S, Narayanan A, Duraisamy S, Chen L (2019) Employee profiling via aspect-based sentiment and network for insider threats detection. Expert Syst Appl 135:351\u2013361","journal-title":"Expert Syst Appl"},{"key":"20273_CR45","doi-asserted-by":"crossref","unstructured":"Meng F, Lu P, Li J, Hu T, Yin M, Lou F (2021) GRU and Multi-autoencoder based Insider Threat Detection for Cyber Security. In: IEEE Sixth international conference on Data Science in Cyberspace (DSC). IEEE","DOI":"10.1109\/DSC53577.2021.00035"},{"key":"20273_CR46","doi-asserted-by":"crossref","unstructured":"Ahmad MB, Akram A, Asif M, Ur-Rehman S (2014) Using genetic algorithm to minimize false alarms in insider threats detection of information misuse in windows environment. Math Probl Eng","DOI":"10.1155\/2014\/179109"},{"key":"20273_CR47","doi-asserted-by":"crossref","unstructured":"Jiang J, Chen J, Gu T, Choo KKR, Liu C, Yu M, Mohapatra P (2019) Anomaly detection with graph convolutional networks for insider threat and fraud detection. In: MILCOM-2019 IEEE Military Communications Conference (MILCOM). IEEE, pp 109\u2013114","DOI":"10.1109\/MILCOM47813.2019.9020760"},{"key":"20273_CR48","doi-asserted-by":"crossref","unstructured":"Anju A, Krishnamurthy M (2024) M-eos: modified-equilibrium optimization-based stacked cnn for insider threat detection. Wirel Netw 1\u201320","DOI":"10.1007\/s11276-024-03678-5"},{"key":"20273_CR49","doi-asserted-by":"publisher","first-page":"838","DOI":"10.1016\/j.cose.2018.03.006","volume":"77","author":"J Happa","year":"2018","unstructured":"Happa J et al (2018) Insider-threat detection using gaussian mixture models and sensitivity profiles. Comput Secur 77:838\u2013859","journal-title":"Comput Secur"},{"issue":"2","key":"20273_CR50","doi-asserted-by":"publisher","first-page":"1152","DOI":"10.1109\/TNSM.2021.3071928","volume":"18","author":"DC Le","year":"2021","unstructured":"Le DC, Zincir-Heywood N (2021) Anomaly detection for insider threats using unsupervised ensembles. IEEE Trans Netw Serv Manag 18(2):1152\u20131164","journal-title":"IEEE Trans Netw Serv Manag"},{"key":"20273_CR51","doi-asserted-by":"crossref","unstructured":"Gavai G, Sricharan K, Gunning D, Rolleston R, Hanley J, Singhal M (2015) Detecting insider threat from enterprise social and online activity data. In: Proceedings of the 7th ACM CCS international workshop on managing insider security threats 7, pp 13\u201320","DOI":"10.1145\/2808783.2808784"},{"key":"20273_CR52","doi-asserted-by":"crossref","unstructured":"Senator TE, Goldberg HG, Memory A, Young WT, Rees B, Pierce R (2013) Jensen: detecting insider threats in a real corporate database of computer usage activity. In: Proceedings of the 19th ACM SIGKDD international conference on Knowledge discovery and data mining","DOI":"10.1145\/2487575.2488213"},{"key":"20273_CR53","doi-asserted-by":"crossref","unstructured":"Mavroeidis V, Vishi K, J\u00f8sang A (2018) A framework for data-driven physical security and insider threat detection. In: IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM). IEEE","DOI":"10.1109\/ASONAM.2018.8508599"},{"key":"20273_CR54","doi-asserted-by":"crossref","unstructured":"Mayhew M, Atighetchi M, Adler A, Greenstadt R (2015) Use of machine learning in big data analytics for insider threat detection. In: MILCOM 2015 - 2015 IEEE military communications conference. IEEE, pp 915\u2013922","DOI":"10.1109\/MILCOM.2015.7357562"},{"issue":"4","key":"20273_CR55","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3396608","volume":"14","author":"S Das","year":"2020","unstructured":"Das S, Wong WK, Dietterich T, Fern A, Emmott A (2020) Discovering anomalies by incorporating feedback from an expert. ACM Trans Knowl Discov Data (TKDD) 14(4):1\u201332","journal-title":"ACM Trans Knowl Discov Data (TKDD)"},{"issue":"2","key":"20273_CR56","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1145\/2694737.2694740","volume":"48","author":"N Nostro","year":"2014","unstructured":"Nostro N, Ceccarelli A, Bondavalli A, Brancati F (2014) Insider threat assessment: a model-based methodology. ACM SIGOPS Oper Syst Rev 48(2):3\u201312","journal-title":"ACM SIGOPS Oper Syst Rev"},{"key":"20273_CR57","doi-asserted-by":"crossref","unstructured":"Chaipa S, Ngassam EK, Shawren S (2022) Towards a new taxonomy of insider threats. In: IST-Africa Conference (IST-Africa). IEEE, pp 1\u201310","DOI":"10.23919\/IST-Africa56635.2022.9845581"},{"key":"20273_CR58","unstructured":"Rosenberg J (2017) Security in embedded systems. Rugged Embed Syst Comput Harsh Environ 3(3)"},{"issue":"1","key":"20273_CR59","doi-asserted-by":"publisher","first-page":"1","DOI":"10.4102\/sajim.v23i1.1277","volume":"23","author":"J Chigada","year":"2021","unstructured":"Chigada J, Madzinga R (2021) Cyberattacks and threats during covid-19: a systematic literature review. S Afr J Inf Manag 23(1):1\u201311","journal-title":"S Afr J Inf Manag"},{"key":"20273_CR60","doi-asserted-by":"publisher","first-page":"25167","DOI":"10.1109\/ACCESS.2018.2817560","volume":"6","author":"S Walker-Roberts","year":"2018","unstructured":"Walker-Roberts S, Hammoudeh M, Dehghantanha A (2018) A systematic review of the availability and efficacy of countermeasures to internal threats in healthcare critical infrastructure. IEEE Access 6:25167\u201325177","journal-title":"IEEE Access"},{"key":"20273_CR61","unstructured":"(2023) techreport: 31 Insider Threat Stats You Need To Know In 2023. https:\/\/www.softactivity.com\/ideas\/insider-threat-statistics\/"},{"key":"20273_CR62","unstructured":"(2023) CyberSecurity Insiders: insider-threat-report. https:\/\/www.fortinet.com\/content\/dam\/fortinet\/assets\/threat-reports\/insider-threat-report.pdf"},{"key":"20273_CR63","unstructured":"Costa D Patterns and Trends in Insider Threats Across Industry Sectors, Carnegie Mellon University, Software Engineering Institute\u2019s Insights (blog). https:\/\/insights.sei.cmu.edu\/blog\/. Accessed: 15 Jul 2024"},{"issue":"3","key":"20273_CR64","doi-asserted-by":"publisher","first-page":"112","DOI":"10.1016\/j.istr.2010.11.002","volume":"15","author":"KR Sarkar","year":"2010","unstructured":"Sarkar KR (2010) Assessing insider threats to information security using technical, behavioural and organisational measures. Tech Rep Inf Secur Tech Rep 15(3):112\u2013133","journal-title":"Tech Rep Inf Secur Tech Rep"},{"key":"20273_CR65","doi-asserted-by":"crossref","unstructured":"Greitzer FL, Strozer JR, Cohen S, Moore AP, Mundie D, Cowley J (2014) Analysis of unintentional insider threats deriving from social engineering exploits. In: IEEE security and privacy workshops. IEEE, pp 236\u2013250","DOI":"10.1109\/SPW.2014.39"},{"key":"20273_CR66","first-page":"113","volume":"22","author":"K Krombholz","year":"2015","unstructured":"Krombholz K, Hobel H, Huber M, Weippl E (2015) Advanced social engineering attacks. J Inf Secur Appl 22:113\u2013122","journal-title":"J Inf Secur Appl"},{"key":"20273_CR67","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1016\/S1361-3723(16)30091-4","volume":"11","author":"J Eggenschwiler","year":"2016","unstructured":"Eggenschwiler J, Agrafiotis I, Nurse JR (2016) Insider threat response and recovery strategies in financial services firms. Comput Fraud Secur 11:12\u201319","journal-title":"Comput Fraud Secur"},{"key":"20273_CR68","doi-asserted-by":"crossref","unstructured":"Nurse JR, Buckley O, Legg PA, Goldsmith M, Creese S, Wright GR, Whitty M (2014) Understanding insider threat: a framework for characterising attacks. In: IEEE security and privacy workshops. IEEE, pp 214\u2013228","DOI":"10.1109\/SPW.2014.38"},{"key":"20273_CR69","doi-asserted-by":"crossref","unstructured":"Gunasekhar T, Rao KT, Basu MT (2015) Understanding insider attack problem and scope in cloud. In: International Conference on Circuits Power and Computing Technologies [ICCPCT-2015]. IEEE","DOI":"10.1109\/ICCPCT.2015.7159380"},{"issue":"2","key":"20273_CR70","doi-asserted-by":"publisher","first-page":"1397","DOI":"10.1109\/COMST.2018.2800740","volume":"20","author":"L Liu","year":"2018","unstructured":"Liu L, De Vel O, Han QL, Zhang J, Xiang Y (2018) Detecting and preventing cyber insider threats: a survey. IEEE Commun Surv Tutor 20(2):1397\u20131417","journal-title":"IEEE Commun Surv Tutor"},{"issue":"15","key":"20273_CR71","doi-asserted-by":"publisher","first-page":"5208","DOI":"10.3390\/app10155208","volume":"10","author":"MN Al-Mhiqani","year":"2020","unstructured":"Al-Mhiqani MN, Ahmad R, Zainal Abidin Z, Yassin W, Hassan A, Abdulkareem KH, Yunos Z (2020) A review of insider threat detection: classification, machine learning techniques, datasets, open challenges, and recommendations. Appl Sci 10(15):5208","journal-title":"Appl Sci"},{"key":"20273_CR72","unstructured":"Waters MD (2016) Identifying and preventing insider threats"},{"issue":"3","key":"20273_CR73","doi-asserted-by":"publisher","first-page":"168","DOI":"10.1504\/IJSN.2017.084391","volume":"12","author":"LL Ko","year":"2017","unstructured":"Ko LL, Divakaran DM, Liau YS, Thing VL (2017) Insider threat detection and its future directions. Int J Secur Netw 12(3):168\u2013187","journal-title":"Int J Secur Netw"},{"issue":"5","key":"20273_CR74","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1016\/S1361-3723(21)00054-3","volume":"2021","author":"J Abulencia","year":"2021","unstructured":"Abulencia J (2021) Insider attacks: human-factors attacks and mitigation. Comput Fraud Secur 2021(5):14\u201317","journal-title":"Comput Fraud Secur"},{"issue":"2","key":"20273_CR75","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1109\/TCSS.2014.2377811","volume":"1","author":"A Azaria","year":"2014","unstructured":"Azaria A, Richardson A, Kraus S, Subrahmanian VS (2014) Behavioral analysis of insider threat: a survey and bootstrapped prediction in imbalanced data. IEEE Trans Comput Soc Syst 1(2):135\u2013155","journal-title":"IEEE Trans Comput Soc Syst"},{"key":"20273_CR76","doi-asserted-by":"crossref","unstructured":"Maasberg M, Warren J, Beebe NL (2015) The dark side of the insider: detecting the insider threat through examination of dark triad personality traits. In: 48th Hawaii international conference on system sciences. IEEE","DOI":"10.1109\/HICSS.2015.423"},{"issue":"3","key":"20273_CR77","doi-asserted-by":"publisher","first-page":"679","DOI":"10.1007\/s10869-023-09885-9","volume":"39","author":"A Marbut","year":"2024","unstructured":"Marbut A, Harms P (2024) Fiends and fools: a narrative review and neo-socioanalytic perspective on personality and insider threats. J Bus Psychol 39(3):679\u2013696","journal-title":"J Bus Psychol"},{"issue":"4","key":"20273_CR78","doi-asserted-by":"publisher","first-page":"1287","DOI":"10.1007\/s12144-018-9834-6","volume":"39","author":"R Rogoza","year":"2020","unstructured":"Rogoza R, Cieciuch J (2020) Dark triad traits and their structure: an empirical approach. Curr Psychol 39(4):1287\u20131302","journal-title":"Curr Psychol"},{"issue":"1","key":"20273_CR79","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1111\/ajpy.12198","volume":"71","author":"MA Koehn","year":"2019","unstructured":"Koehn MA, Okan C, Jonason PK (2019) A primer on the dark triad traits. Aust J Psychol 71(1):7\u201315","journal-title":"Aust J Psychol"},{"issue":"1","key":"20273_CR80","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1177\/1073191113514105","volume":"21","author":"DN Jones","year":"2014","unstructured":"Jones DN, Paulhus DL (2014) Introducing the short dark triad (sd3) a brief measure of dark personality traits. Assessment 21(1):28\u201341","journal-title":"Assessment"},{"issue":"1","key":"20273_CR81","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1016\/j.paid.2012.07.029","volume":"54","author":"LC Crysel","year":"2013","unstructured":"Crysel LC, Crosier BS, Webster GD (2013) The dark triad and risk behavior. Personal Individ Differ 54(1):35\u201340","journal-title":"Personal Individ Differ"},{"issue":"10337","key":"20273_CR82","first-page":"8","volume":"71","author":"PD Harms","year":"2022","unstructured":"Harms PD, Marbut A, Johnston AC, Lester P, Fezzey T (2022) Exposing the darkness within: a review of dark personality traits, models, and measures and their relationship to insider threats. J Inf Secur Appl 71(10337):8","journal-title":"J Inf Secur Appl"},{"key":"20273_CR83","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1016\/j.cose.2017.03.003","volume":"67","author":"BD Bryant","year":"2017","unstructured":"Bryant BD, Saiedian H (2017) A novel kill-chain framework for remote security log analysis with siem software. Comput Secur 67:198\u2013210","journal-title":"Comput Secur"},{"issue":"1","key":"20273_CR84","first-page":"54","volume":"9","author":"A Harilal","year":"2018","unstructured":"Harilal A, Toffalini F, Homoliak I, Castellanos JH, Guarnizo J, Mondal S, Ochoa M (2018) The wolf of sutd (twos): a dataset of malicious insider threat behavior based on a gamified competition. J Wirel Mob Netw Ubiquit Comput Dependable Appl 9(1):54\u201385","journal-title":"J Wirel Mob Netw Ubiquit Comput Dependable Appl"},{"issue":"10222","key":"20273_CR85","first-page":"1","volume":"104","author":"S Yuan","year":"2021","unstructured":"Yuan S, Wu X (2021) Deep learning for insider threat detection: review, challenges and opportunities. Comput Secur 104(10222):1","journal-title":"Comput Secur"},{"key":"20273_CR86","doi-asserted-by":"crossref","unstructured":"Harilal A, Toffalini F, Castellanos J, Guarnizo J, Homoliak I, Ochoa M (2017) Twos: a dataset of malicious insider threat behavior based on a gamified competition. In: Proceedings of the international workshop on managing insider security threats, pp 45\u201356","DOI":"10.1145\/3139923.3139929"},{"issue":"4","key":"20273_CR87","first-page":"46","volume":"10","author":"A Kim","year":"2019","unstructured":"Kim A, Oh J, Ryu J, Lee J, Kwon K, Lee K (2019) Sok: a systematic review of insider threat detection. J Wirel Mob Netw Ubiquit Comput Dependable Appl 10(4):46\u201367","journal-title":"J Wirel Mob Netw Ubiquit Comput Dependable Appl"},{"key":"20273_CR88","unstructured":"Lindauer B (2020) CERT dataset. https:\/\/kilthub.cmu.edu\/articles\/dataset\/Insider_Threat_Test_Dataset\/12841247"},{"key":"20273_CR89","unstructured":"Greenberg S (1988) Using unix: Collected traces of users 168"},{"key":"20273_CR90","doi-asserted-by":"crossref","unstructured":"Elmrabit N, Yang SH, Yang L (2015) Insider threats in information security categories and approaches. In: 21st International Conference on Automation and Computing (ICAC). IEEE","DOI":"10.1109\/IConAC.2015.7313979"},{"key":"20273_CR91","doi-asserted-by":"crossref","unstructured":"Spooner D, Silowash G, Costa D, Albrethsen M (2018) Navigating the insider threat tool landscape: low cost technical solutions to jump start an insider threat program. In: IEEE Security and Privacy Workshops (SPW). IEEE, pp 247\u2013257","DOI":"10.1109\/SPW.2018.00040"},{"issue":"14","key":"20273_CR92","doi-asserted-by":"publisher","first-page":"4759","DOI":"10.3390\/s21144759","volume":"21","author":"G Gonz\u00e1lez-Granadillo","year":"2021","unstructured":"Gonz\u00e1lez-Granadillo G, Gonz\u00e1lez-Zarzosa S, Diaz R (2021) Security information and event management (siem): analysis, trends, and usage in critical infrastructures. Sensors 21(14):4759","journal-title":"Sensors"},{"issue":"1","key":"20273_CR93","first-page":"63","volume":"2","author":"CJ Fung","year":"2011","unstructured":"Fung CJ (2011) Collaborative intrusion detection networks and insider attacks. J Wirel Mob Netw Ubiquit Comput Dependable Appl 2(1):63\u201374","journal-title":"J Wirel Mob Netw Ubiquit Comput Dependable Appl"},{"key":"20273_CR94","doi-asserted-by":"crossref","unstructured":"Li W, Meng W, Zhu H (2020) Towards collaborative intrusion detection enhancement against insider attacks with multi-level trust. In: IEEE 19th International conference on Trust Security and Privacy in Computing and Communications (TrustCom). IEEE","DOI":"10.1109\/TrustCom50675.2020.00158"},{"key":"20273_CR95","doi-asserted-by":"publisher","first-page":"301","DOI":"10.1016\/j.anucene.2017.05.006","volume":"108","author":"KN Kim","year":"2017","unstructured":"Kim KN, Yim MS, Schneider E (2017) A study of insider threat in nuclear security analysis using game theoretic modeling. Ann Nucl Energy 108:301\u2013309","journal-title":"Ann Nucl Energy"},{"key":"20273_CR96","doi-asserted-by":"crossref","unstructured":"Feng X, Zheng Z, Cansever D, Swami A, Mohapatra P (2016) Stealthy attacks with insider information: a game theoretic model with asymmetric feedback. In: MILCOM -2016 IEEE military communications conference. IEEE, pp 277\u2013282","DOI":"10.1109\/MILCOM.2016.7795339"},{"key":"20273_CR97","doi-asserted-by":"crossref","unstructured":"Das S, Wong WK, Dietterich T, Fern A, Emmott A (2016) Incorporating expert feedback into active anomaly discovery. In: IEEE 16th International Conference on Data Mining (ICDM). IEEE","DOI":"10.1109\/ICDM.2016.0102"},{"issue":"10187","key":"20273_CR98","first-page":"6","volume":"113","author":"S Kauffman","year":"2021","unstructured":"Kauffman S, Dunne M, Gracioli G, Khan W, Benann N, Fischmeister S (2021) Palisade: a framework for anomaly detection in embedded systems. J Syst Archit 113(10187):6","journal-title":"J Syst Archit"},{"issue":"19","key":"20273_CR99","doi-asserted-by":"publisher","first-page":"4018","DOI":"10.3390\/app9194018","volume":"9","author":"J Kim","year":"2019","unstructured":"Kim J, Park M, Kim H, Cho S, Kang P (2019) Insider threat detection based on user behavior modeling and anomaly detection algorithms. Appl Sci 9(19):4018","journal-title":"Appl Sci"},{"key":"20273_CR100","doi-asserted-by":"crossref","unstructured":"Young WT, Memory A, Goldberg HG, Senator TE (2014) Detecting unknown insider threat scenarios. In: IEEE security and privacy workshops. IEEE, pp 277\u2013288","DOI":"10.1109\/SPW.2014.42"},{"key":"20273_CR101","doi-asserted-by":"crossref","unstructured":"Sokol P, Kleinov\u00e1 L, Hus\u00e1k M (2015) Study of attack using honeypots and honeynets lessons learned from time-oriented visualization. In: IEEE EUROCON 2015-International Conference on Computer as a Tool (EUROCON), pp 1\u20136. IEEE","DOI":"10.1109\/EUROCON.2015.7313713"},{"key":"20273_CR102","doi-asserted-by":"crossref","unstructured":"Olagunju AO, Samu F (2016) In search of effective honeypot and honeynet systems for real-time intrusion detection and prevention. In: Proceedings of the 5th annual conference on research in information technology","DOI":"10.1145\/2978178.2978184"},{"key":"20273_CR103","first-page":"801","volume-title":"Implementation of insider threat detection system using honeypot based sensors and threat analytics","author":"MM Yamin","year":"2019","unstructured":"Yamin MM, Katt B, Sattar K, Ahmad MB (2019) Implementation of insider threat detection system using honeypot based sensors and threat analytics. Future of information and communication conference, Cham, pp 801\u2013829"},{"key":"20273_CR104","first-page":"1","volume":"1","author":"P Sokol","year":"2017","unstructured":"Sokol P, M\u00ed\u0161ek J, Hus\u00e1k M (2017) Honeypots and honeynets: issues of privacy. EURASIP J Inf Secur 1:1\u20139","journal-title":"EURASIP J Inf Secur"},{"key":"20273_CR105","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-07941-7_12","volume-title":"Study of internet threats and attack methods using honeypots and honeynets","author":"T Sochor","year":"2014","unstructured":"Sochor T, Zuzcak M (2014) Study of internet threats and attack methods using honeypots and honeynets. International conference on computer networks, Springer, Cham"},{"key":"20273_CR106","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-19419-6_7","volume-title":"Attractiveness study of honeypots and honeynets in internet threat detection","author":"T Sochor","year":"2015","unstructured":"Sochor T, Zuzcak M (2015) Attractiveness study of honeypots and honeynets in internet threat detection. International conference on computer networks, Springer, Cham"},{"key":"20273_CR107","unstructured":"Sokol P, Pekar\u010d\u00edk P, Bajto\u0161 T (2015) Data collection and data analysis in honeypots and honeynets. Proceedings of the security and protection of information"},{"key":"20273_CR108","doi-asserted-by":"crossref","unstructured":"Syarova S, Toleva-Stoimenova S, Kirkov A, Petkov S, Traykov K (2024) Data leakage prevention and detection in digital configurations: A survey. In: Environment. Technologies. Resources. Proceedings of the international scientific and practical conference, vol 2, pp 253\u2013258","DOI":"10.17770\/etr2024vol2.8045"},{"key":"20273_CR109","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1145\/3041008.3041011","volume":"3","author":"KW Kongsg\u00e5rd","year":"2017","unstructured":"Kongsg\u00e5rd KW, Nordbotten NA, Mancini F, Engelstad PE (2017) An internal\/insider threat score for data loss prevention and detection. Proceedings of the rd ACM on international workshop on security and privacy analytics 3:11\u201316","journal-title":"Proceedings of the rd ACM on international workshop on security and privacy analytics"},{"key":"20273_CR110","doi-asserted-by":"crossref","unstructured":"Costante E, Fauri D, Etalle S, Den Hartog J, Zannone N (2016) A hybrid framework for data loss prevention and detection. In: IEEE security and privacy workshops (SPW). IEEE, pp 324\u2013333","DOI":"10.1109\/SPW.2016.24"},{"issue":"108","key":"20273_CR111","first-page":"8965","volume":"10","author":"M Alohaly","year":"2022","unstructured":"Alohaly M, Balogun O, Takabi D (2022) Integrating cyber deception into attribute-based access control (abac) for insider threat detection. IEEE Access 10(108):8965\u201310897","journal-title":"IEEE Access"},{"key":"20273_CR112","doi-asserted-by":"publisher","first-page":"237","DOI":"10.1016\/j.cose.2013.08.001","volume":"39","author":"N Baracaldo","year":"2013","unstructured":"Baracaldo N, Joshi J (2013) An adaptive risk management and access control framework to mitigate insider threats. Comput Secur 39:237\u2013254","journal-title":"Comput Secur"},{"issue":"1","key":"20273_CR113","doi-asserted-by":"publisher","first-page":"2286","DOI":"10.30574\/wjarr.2024.21.1.0315","volume":"21","author":"UI Okoli","year":"2024","unstructured":"Okoli UI, Obi OC, Adewusi AO, Abrahams TO (2024) Machine learning in cybersecurity: a review of threat detection and defense mechanisms. World J Adv Res Rev 21(1):2286\u20132295","journal-title":"World J Adv Res Rev"},{"key":"20273_CR114","doi-asserted-by":"crossref","unstructured":"Tao X, Lu S, Zhao F, Lan R, Chen L, Fu L, Jia R (2024) User behavior threat detection based on adaptive sliding window gan. IEEE Trans Netw Serv Manag","DOI":"10.1109\/TNSM.2024.3355698"},{"issue":"10478","key":"20273_CR115","first-page":"5","volume":"181","author":"Y Li","year":"2019","unstructured":"Li Y, Zhu Z, Kong D, Han H, Zhao Y (2019) Ea-lstm: evolutionary attention-based lstm for time series prediction. Knowl-Based Syst 181(10478):5","journal-title":"Knowl-Based Syst"},{"key":"20273_CR116","doi-asserted-by":"crossref","unstructured":"Zhang D, Zheng Y, Wen Y, Xu Y, Wang J, Yu Y, Meng D (2018) Role-based log analysis applying deep learning for insider threat detection. In: Proceedings of the 1st workshop on security - oriented designs of computer architectures and processors, pp 18\u201320","DOI":"10.1145\/3267494.3267495"},{"issue":"9","key":"20273_CR117","doi-asserted-by":"publisher","first-page":"6118","DOI":"10.1007\/s11227-018-2674-1","volume":"75","author":"CH Park","year":"2019","unstructured":"Park CH (2019) Outlier and anomaly pattern detection on data streams. J Supercomput 75(9):6118\u20136128","journal-title":"J Supercomput"},{"issue":"1","key":"20273_CR118","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2904018","volume":"19","author":"S Eberz","year":"2016","unstructured":"Eberz S, Rasmussen KB, Lenders V, Martinovic I (2016) Looks like eve: exposing insider threats using eye movement biometrics. ACM Trans Privacy Secur (TOPS) 19(1):1\u201331","journal-title":"ACM Trans Privacy Secur (TOPS)"},{"key":"20273_CR119","doi-asserted-by":"crossref","unstructured":"Hashem Y, Takabi H, GhasemiGol M, Dantu R (2015) Towards insider threat detection using psychophysiological signals. In: Proceedings of the 7th ACM CCS international workshop on managing insider security threats, pp 71\u201374","DOI":"10.1145\/2808783.2808792"},{"key":"20273_CR120","doi-asserted-by":"crossref","unstructured":"Kandias M, Stavrou V, Bozovic N, Gritzalis D (2013) Proactive insider threat detection through social media: the youtube case. In: Proceedings of the 12th ACM workshop on workshop on privacy in the electronic society, pp 261\u2013266","DOI":"10.1145\/2517840.2517865"},{"key":"20273_CR121","doi-asserted-by":"crossref","unstructured":"Lopez E, Sartipi K (2022) Paying attention to the insider threat","DOI":"10.18293\/SEKE2022-059"},{"key":"20273_CR122","unstructured":"Sinha J, Manollas M (2020) In: Proceedings of the 3rd international conference on artificial intelligence and pattern recognition"},{"issue":"11992","key":"20273_CR123","first-page":"5","volume":"224","author":"P Pal","year":"2023","unstructured":"Pal P, Chattopadhyay P, Swarnkar M (2023) Temporal feature aggregation with attention for insider threat detection from activity logs. Expert Syst Appl 224(11992):5","journal-title":"Expert Syst Appl"},{"issue":"16","key":"20273_CR124","doi-asserted-by":"publisher","first-page":"11414","DOI":"10.1016\/j.jfranklin.2023.09.004","volume":"360","author":"X Kan","year":"2023","unstructured":"Kan X, Fan Y, Zheng J, Chi C-H, Song W, Kudreyko A (2023) Data adjusting strategy and optimized xgboost algorithm for novel insider threat detection model. J Frankl Inst 360(16):11414\u201311443","journal-title":"J Frankl Inst"},{"key":"20273_CR125","unstructured":"Brownlee J (2020) Why is imbalanced classification difficult? https:\/\/machinelearningmastery.com\/imbalanced-classification-is-hard\/"},{"issue":"4","key":"20273_CR126","doi-asserted-by":"publisher","first-page":"4573","DOI":"10.1007\/s12652-023-04581-1","volume":"14","author":"M Singh","year":"2023","unstructured":"Singh M, Mehtre BM, Sangeetha S, Govindaraju V (2023) User behaviour based insider threat detection using a hybrid learning approach. J Ambient Intell Hum Comput 14(4):4573\u20134593","journal-title":"J Ambient Intell Hum Comput"},{"key":"20273_CR127","doi-asserted-by":"publisher","first-page":"220","DOI":"10.1016\/j.eswa.2016.12.035","volume":"73","author":"G Haixiang","year":"2017","unstructured":"Haixiang G, Yijing L, Shang J, Mingyun G, Yuanyue H, Bing G (2017) Learning from classimbalanced data: review of methods and applications. Expert Syst Appl 73:220\u2013239","journal-title":"Expert Syst Appl"},{"key":"20273_CR128","doi-asserted-by":"publisher","first-page":"863","DOI":"10.1613\/jair.1.11192","volume":"61","author":"A Fern\u00e1ndez","year":"2018","unstructured":"Fern\u00e1ndez A, Garcia S, Herrera F, Chawla NV (2018) Smote for learning from imbalanced data: progress and challenges, marking the 15-year anniversary. J Artif Intell Res 61:863\u2013905","journal-title":"J Artif Intell Res"},{"issue":"10726","key":"20273_CR129","first-page":"2","volume":"102","author":"M Koziarski","year":"2020","unstructured":"Koziarski M (2020) Radial-based undersampling for imbalanced data classification. Pattern Recognit 102(10726):2","journal-title":"Pattern Recognit"},{"key":"20273_CR130","doi-asserted-by":"publisher","first-page":"30907","DOI":"10.1109\/ACCESS.2024.3369906","volume":"12","author":"FR Alzaabi","year":"2024","unstructured":"Alzaabi FR, Mehmood A (2024) A review of recent advances, challenges, and opportunities in malicious insider threat detection using machine learning methods. IEEE Access 12:30907\u201330927","journal-title":"IEEE Access"},{"issue":"1","key":"20273_CR131","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1186\/s42400-023-00190-9","volume":"7","author":"S Song","year":"2024","unstructured":"Song S, Gao N, Zhang Y, Ma C (2024) Britd: behavior rhythm insider threat detection with time awareness and user adaptation. Cybersecurity 7(1):2","journal-title":"Cybersecurity"},{"key":"20273_CR132","doi-asserted-by":"crossref","unstructured":"Yuan S, Zheng P, Wu X, Li Q (2019) Insider threat detection via hierarchical neural temporal point processes. In: 2019 IEEE international conference on big data (Big data). IEEE","DOI":"10.1109\/BigData47090.2019.9005589"},{"issue":"1","key":"20273_CR133","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1109\/TNSM.2020.2967721","volume":"17","author":"DC Le","year":"2020","unstructured":"Le DC, Zincir-Heywood N, Heywood MI (2020) Analyzing data granularity levels for insider threat detection using machine learning. IEEE Trans Netw Serv Manag 17(1):30\u201344","journal-title":"IEEE Trans Netw Serv Manag"},{"key":"20273_CR134","doi-asserted-by":"crossref","unstructured":"Cai X, Wang Y, Xu S, Li H, Zhang Y, Yuan X (2024) Lan: learning adaptive neighbors for real-time insider threat detection. arXiv:2403.09209","DOI":"10.1109\/TIFS.2024.3488527"},{"issue":"7","key":"20273_CR135","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3538707","volume":"55","author":"Z Wang","year":"2022","unstructured":"Wang Z, Ma J, Wang X, Hu J, Qin Z, Ren K (2022) Threats to training: a survey of poisoning attacks and defenses on machine learning systems. ACM Comput Surv 55(7):1\u201336","journal-title":"ACM Comput Surv"},{"key":"20273_CR136","doi-asserted-by":"crossref","unstructured":"Gayathri RG, Sajjanhar A, Xiang Y (2022) Adversarial training for robust insider threat detection. In: International Joint Conference on Neural Networks (IJCNN). IEEE","DOI":"10.1109\/IJCNN55064.2022.9892059"},{"key":"20273_CR137","doi-asserted-by":"crossref","unstructured":"Gayathri R, Sajjanhar A, Xiang Y (2024) Hybrid deep learning model using spcagan augmentation for insider threat analysis. Expert Syst Appl 123533","DOI":"10.1016\/j.eswa.2024.123533"},{"issue":"10333","key":"20273_CR138","first-page":"9","volume":"124","author":"A Sundaram","year":"2020","unstructured":"Sundaram A, Abdel-Khalik HS, Ashy O (2020) A data analytical approach for assessing the efficacy of operational technology active defenses against insider threats. Prog Nucl Energy 124(10333):9","journal-title":"Prog Nucl Energy"},{"key":"20273_CR139","unstructured":"Szegedy C, Zaremba W, Sutskever I, Bruna J, Erhan D, Goodfellow I, Fergus R (2013) Intriguing properties of neural networks. Preprint"},{"key":"20273_CR140","doi-asserted-by":"crossref","unstructured":"Le DC, Zincir-Heywood N (2020) Exploring adversarial properties of insider threat etection. In: IEEE conference on Communications and Network Security (CNS). IEEE","DOI":"10.1109\/CNS48642.2020.9162254"},{"key":"20273_CR141","doi-asserted-by":"publisher","first-page":"1131","DOI":"10.1109\/TIFS.2020.3029898","volume":"16","author":"C Joshi","year":"2020","unstructured":"Joshi C, Aliaga JR, Insua DR (2020) Insider threat modeling: an adversarial risk analysis approach. IEEE Trans Inf Forensic Secur 16:1131\u20131142","journal-title":"IEEE Trans Inf Forensic Secur"},{"key":"20273_CR142","doi-asserted-by":"crossref","unstructured":"Yuan F, Shang Y, Liu Y, Cao Y, Tan J (2020) Data augmentation for insider threat detection with GAN. IEEE","DOI":"10.1109\/ICTAI50040.2020.00102"},{"key":"20273_CR143","doi-asserted-by":"crossref","unstructured":"Almehmadi A, El-Khatib K (2014) On the possibility of insider threat detection using physiological signal monitoring. Proceedings of the 7th international conference on security of information and networks","DOI":"10.1145\/2659651.2659654"},{"key":"20273_CR144","doi-asserted-by":"crossref","unstructured":"Dupuis M, Khadeer S (2016) Curiosity killed the organization: a psychological comparison between malicious and non-malicious insiders and the insider threat. of the 5th Annual conference on research in information technology","DOI":"10.1145\/2978178.2978185"},{"issue":"2","key":"20273_CR145","doi-asserted-by":"publisher","first-page":"373","DOI":"10.1109\/JSYST.2015.2424677","volume":"11","author":"A Almehmadi","year":"2015","unstructured":"Almehmadi A, El-Khatib K (2015) On the possibility of insider threat prevention using intent-based access control (ibac). IEEE Syst J 11(2):373\u2013384","journal-title":"IEEE Syst J"},{"issue":"2","key":"20273_CR146","doi-asserted-by":"publisher","first-page":"193","DOI":"10.1016\/j.jksuci.2014.03.020","volume":"27","author":"AK Das","year":"2015","unstructured":"Das AK, Goswami A (2015) A robust anonymous biometric-based remote user authentication scheme using smart cards. J King Saud Univ-Comput Inf Sci 27(2):193\u2013210","journal-title":"J King Saud Univ-Comput Inf Sci"},{"key":"20273_CR147","doi-asserted-by":"crossref","unstructured":"Sanzgiri A, Dasgupta D (2016) Classification of insider threat detection techniques. In: Proceedings of the 11th annual cyber and information security research conference, pp 1\u20134","DOI":"10.1145\/2897795.2897799"},{"key":"20273_CR148","unstructured":"Haidar D (2018) Opportunistic machine learning methods for effective insider threat detection. PhD thesis, Birmingham City University"},{"key":"20273_CR149","doi-asserted-by":"publisher","first-page":"166","DOI":"10.1016\/j.ijcip.2018.12.001","volume":"24","author":"AJ Bell","year":"2019","unstructured":"Bell AJ, Rogers MB, Pearce JM (2019) The insider threat: behavioral indicators and factors influencing likelihood of intervention. Int J Crit Infrastruct Prot 24:166\u2013176","journal-title":"Int J Crit Infrastruct Prot"},{"key":"20273_CR150","doi-asserted-by":"crossref","unstructured":"Le DC, Zincir-Heywood N, Heywood M (2021) Training regime influences to semi-supervised learning for insider threat detection. In: IEEE Security and Privacy Workshops (SPW). IEEE, pp 13\u201318","DOI":"10.1109\/SPW53761.2021.00010"},{"key":"20273_CR151","doi-asserted-by":"crossref","unstructured":"Schoenherr JR, Thomson R (2020) Insider threat detection: a solution in search of a problem. In: International conference on cyber security and protection of digital services (Cyber Security). IEEE","DOI":"10.1109\/CyberSecurity49315.2020.9138862"},{"issue":"5","key":"20273_CR152","doi-asserted-by":"publisher","first-page":"602","DOI":"10.1080\/19393555.2021.1971802","volume":"31","author":"S Prabhu","year":"2022","unstructured":"Prabhu S, Thompson N (2022) A primer on insider threats in cybersecurity. Inf Secur J Glob Perspect 31(5):602\u2013611","journal-title":"Inf Secur J Glob Perspect"},{"key":"20273_CR153","doi-asserted-by":"publisher","first-page":"166","DOI":"10.1016\/j.ijcip.2018.12.001","volume":"24","author":"AJ Bell","year":"2019","unstructured":"Bell AJ, Rogers MB, Pearce JM (2019) The insider threat: behavioral indicators and factors influencing likelihood of intervention. Int J Crit Infrastruct Prot 24:166\u2013176","journal-title":"Int J Crit Infrastruct Prot"},{"key":"20273_CR154","volume-title":"Insider threats and the need for fast and directed response","author":"E Cole","year":"2015","unstructured":"Cole E (2015) Insider threats and the need for fast and directed response. Tech, Rep, SANS Institute InfoSec Reading Room"},{"key":"20273_CR155","doi-asserted-by":"crossref","unstructured":"Singh M, Mehtre BM, Sangeetha S (2021) User behaviour based insider threat detection in critical infrastructures. In: 2nd International Conference on Secure Cyber Computing and Communications (ICSCCC). IEEE","DOI":"10.1109\/ICSCCC51823.2021.9478137"},{"key":"20273_CR156","unstructured":"Wang F, Tax DM (2016) Survey on the attention based RNN model and its applications in computer vision. Preprint"},{"key":"20273_CR157","doi-asserted-by":"crossref","unstructured":"Greitzer FL (2019) Insider threats: it\u2019s the human, stupid!. In: proceedings of the northwest cybersecurity symposium, pp 1\u20138","DOI":"10.1145\/3332448.3332458"},{"issue":"19","key":"20273_CR158","doi-asserted-by":"publisher","first-page":"4018","DOI":"10.3390\/app9194018","volume":"9","author":"J Kim","year":"2019","unstructured":"Kim J, Park M, Kim H, Cho S, Kang P (2019) Insider threat detection based on user behavior modeling and anomaly detection algorithms. Appl Sci 9(19):4018","journal-title":"Appl Sci"},{"key":"20273_CR159","unstructured":"Tuor A, Kaplan S, Hutchinson B, Nichols N, Robinson S (2017) Deep learning for unsupervised insider threat detection in structured cybersecurity data streams. Preprint"}],"container-title":["Multimedia Tools and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11042-024-20273-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11042-024-20273-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11042-024-20273-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,6]],"date-time":"2025-09-06T01:13:40Z","timestamp":1757121220000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11042-024-20273-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,4]]},"references-count":159,"journal-issue":{"issue":"24","published-online":{"date-parts":[[2025,7]]}},"alternative-id":["20273"],"URL":"https:\/\/doi.org\/10.1007\/s11042-024-20273-0","relation":{},"ISSN":["1573-7721"],"issn-type":[{"value":"1573-7721","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,10,4]]},"assertion":[{"value":"5 January 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"23 July 2024","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"11 September 2024","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"4 October 2024","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"There is no known competing financial interests or personal relationships that may influence the work reported in this article.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing Interest"}}]}}