Abstract
In recent years, malicious insider attacks have become a common fraudulent activity in which an attacker is often perceived as a trusted entity in Social Networks (SNs). At present, machine learning (ML) approaches are widely used to identify the behavior of users in the network. From this perspective, this paper presents an integrated approach, namely, Social network malicious insider detection (SID), which consists of long short-term memory (LSTM) and time-based trust evaluation (TBTE). The proposed SID aims to identify deviations in SN user behavior by monitoring their data. The proposed SID uses LSTM, an advanced version of the recurrent neural network (RNN), which precisely predicts the behavior of users and identifies the anomaly pattern in SNs. A time-based trust evaluation method is integrated with LSTM, which not only differentiates the abnormal behavior of SN users but also precisely categorizes an anomaly node as a malicious node, a new user or a broken node. Moreover, the proposed SID detects insiders accurately and reduces false alarms by providing a novel quantitative analysis for computing the balancing factor according to time, which avoids the misinterpretation of normal user patterns as anomalies. The performance of the proposed SID is evaluated in real time, which demonstrates that the detection accuracy for attacks is 96% for normal users and 98% for new users with a smaller time span.
Ethics declarations
Conflict of interest
The authors declare no competing interests.
Additional information
We certify that the submission is original work and is not under review at any other publication.
About this article
Cite this article
Nathezhtha, T., Sangeetha, D. & Vaidehi, V. Social network malicious insider detection using time-based trust evaluation. Ann. Telecommun. 78, 585–597 (2023). https://doi.org/10.1007/s12243-023-00959-6
DOI: https://doi.org/10.1007/s12243-023-00959-6