InsiderGAN: Early Detection of Insider Threats in an Operational Enterprise Network

Date
2020
Authors
Haswell, Henry, IV
Abstract

Enterprise networks are an ever-growing resource for both public and private institutions, providing valuable information to their users. Schools, governmental agencies, and more have been targeted by malware attacks, which use malicious software to damage or steal data and can result in monetary loss, security threats to employees or clients, or legal liabilities. As such, multiple tools have been developed with the intent of detecting this kind of threat early, before damage is done to the network. One growing method for detection is to use machine learning for behavior analysis and detection. InsiderGAN is one such tool: it uses a Generative Adversarial Network capable of analyzing and detecting malware patterns from a variety of malware families in host-based logs from an enterprise network, collected using the Windows Logging Service (WLS).

Description
This item is available only to currently enrolled UTSA students, faculty or staff.
Keywords
Deep Learning, Generative Adversarial Network, Insider Threats, Machine Learning, Malware Detection, Windows Logging Service
Department
Electrical and Computer Engineering