Supervisor

Taufique Ahmed

Programme

MSc in Data Analytics

Subject

Computer Science

Abstract

Insider threats pose significant challenges in cybersecurity due to their origin from individuals with legitimate access. Traditional defenses often fail to detect malicious behavior embedded within normal activities. This study proposes a hybrid artificial intelligence framework that integrates unsupervised anomaly detection, supervised and ensemble learning, and deep learning to enhance insider threat detection. Using the CERT 4.1 dataset, features encompassing temporal, behavioral, network, and psychometric aspects were engineered. Anomaly detection models informed supervised and ensemble classifiers, while a multi-input deep learning architecture captured sequential and contextual patterns. Performance evaluation using ROC-AUC, precision, recall, F1-score, and cost-sensitive analysis demonstrates that the hybrid framework outperforms individual methods. SHAP and attention mechanisms provide interpretable insights into model decisions, supporting effective detection of insider threats in complex enterprise environments.

Date of Award

2025

Full Publication Date

2025

Access Rights

open access

Document Type

Capstone Project

Resource Type

thesis

Included in

Data Science Commons
