JOURNAL ARTICLE

Insider Threat Detection Based On Heterogeneous Graph Neural Network

Abstract

As one of the most challenging threats in cyberspace, insider threats frequently lead to substantial losses for enterprises. Recently, many studies have focused on user behavior analysis for insider threat detection. However, they ignore the underlying causes of insider threats and the implicit relationships between users, which are more critical for discovering insider threats. To address this gap, we propose the novel ITDE model in this paper, which applies a graph neural network approach based on two-layer attention. The core idea is to abstract user features and potential relationships as heterogeneous graphs based on an analysis of user behavior and the causes of insider threats. Furthermore, we employ node-level attention and semantic-level attention to capture the complex graph structure information and generate node embeddings by aggregating features from meta-path-based neighbors. Finally, we use a cross-entropy loss function to implement insider threat detection. We verify the effectiveness of our model on the CERT r4.2 dataset, where it outperforms state-of-the-art methods in insider threat detection.

Keywords:
Insider threat, Computer science, Insider, Computer security, Graph, Embedding, Node (physics), Theoretical computer science, Data mining, Artificial intelligence

Metrics

Cited By: 4
FWCI (Field Weighted Citation Impact): 2.47
Refs: 20
Citation Normalized Percentile: 0.90

Topics

Information and Cyber Security
Physical Sciences →  Computer Science →  Information Systems
Network Security and Intrusion Detection
Physical Sciences →  Computer Science →  Computer Networks and Communications
Complex Network Analysis Techniques
Physical Sciences →  Physics and Astronomy →  Statistical and Nonlinear Physics