InsiderGAN: Early Detection of Insider Threats in an Operational Enterprise Network

Date

2020

Authors

Haswell, Henry, IV

Abstract

Enterprise networks are an ever-growing resource for both public and private institutions which provide valuable information to their users. Schools, governmental agencies, and more have been targeted by malware attacks, which seek to use malicious software to damage or steal data, which can result in monetary loss, security threats to employees or clients, or legal liabilities. As such, multiple tools have been developed with the intent of detecting this kind of threat early, before damage is done to the network. One growing method for detection is to use machine learning for behavior analysis and detection. InsiderGAN is one such tool that uses a Generative Adversarial Network capable of analyzing and detecting malware patterns from a variety of malware families in host-based logs from an enterprise network collected using the Windows Logging Service (WLS).

Description

This item is available only to currently enrolled UTSA students, faculty or staff.

Keywords

Deep Learning, Generative Adversarial Network, Insider Threats, Machine Learning, Malware Detection, Windows Logging Service

Department

Electrical and Computer Engineering