The ADBPSO-LightGBM internal threat detection framework based on hybrid data balancing
The misuse of privileges by users can lead to significant reputational and financial losses for enterprises. To reduce the risk of information leakage, it is crucial to detect and analyze abnormal behaviours of internal employees. Firstly, based on the characteristics of internal employee behaviour,...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Taylor & Francis Group
2025-12-01
|
| Series: | Systems Science & Control Engineering |
| Subjects: | |
| Online Access: | https://www.tandfonline.com/doi/10.1080/21642583.2025.2498913 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | The misuse of privileges by users can lead to significant reputational and financial losses for enterprises. To reduce the risk of information leakage, it is crucial to detect and analyze abnormal behaviours of internal employees. Firstly, based on the characteristics of internal employee behaviour, a data filter strategy based on user behaviour is proposed. Then, a data balancing strategy based on the concept of hybrid sampling is introduced. Moreover, to further construct the behaviour model, an improved particle swarm optimization algorithm based on adaptive delay and genetic factors is proposed, and it is used to search for the optimal parameters of LightGBM. Experimental results demonstrate that the proposed method is highly effective in detecting internal threats. |
|---|---|
| ISSN: | 2164-2583 |