Detecting insider threats in a real corporate database of computer usage activity
Proceedings of the 19th ACM SIGKDD international conference on Knowledge discovery and data mining
Systematic construction of anomaly detection benchmarks from real data
Proceedings of the ACM SIGKDD Workshop on Outlier Detection and Description
Hi-index | 0.00 |
The threat of malicious insider activity continues to be of paramount concern in both the public and private sectors. Though there is great interest in advancing the state of the art in predicting and stopping these threats, the difficulty of obtaining suitable data for research, development, and testing remains a significant hinderance. We outline the use of synthetic data to enable progress in one research program, while discussing the benefits and limitations of synthetic insider threat data, the meaning of realism in this context, as well as future research directions.