Title: An improved data pre-processing method for classification and insider information leakage detection
Authors: Sung-Sam Hong; Dong-Wook Kim; Myung-Mook Han
Addresses: Department of Computer Engineering, Gachon University, Seongnam-si, South Korea; Department of Computer Engineering, Gachon University, Seongnam-si, South Korea; Department of Computer Engineering, Gachon University, Seongnam-si, South Korea
Abstract: Data pre-processing, a step performed prior to data processing, converts data into a form that is easy to analyse. In this study, we propose a method for the pre-processing and integration of data collected from various sources to detect insider information leakage; further, we evaluate the performance of data pre-processing by performing classification and detection experiments with collected normal and abnormal log data. An insider information leakage attack scenario was created, and the attack data for this scenario were generated in order to collect the corresponding log data. This pre-processing stage improved the efficiency of information leakage analysis and detection, as demonstrated by the results of our experiments, which showed accuracies of 0.9991 and 0.9997, respectively, in source classification. In addition, we found that securing the attack scenario and actual attack data is a very important factor in insider information leakage detection owing to the small amount of attack data.
Keywords: data pre-processing; data leakage detection; classification; log analysis; information security; intelligent security data analysis; feature extraction.
International Journal of Advanced Intelligence Paradigms, 2018 Vol.11 No.1/2, pp.143 - 158
Received: 12 Mar 2016
Accepted: 12 Jun 2016
Published online: 04 Jul 2018