Social network malicious insider detection using time-based trust evaluation

Annals of Telecommunications

Abstract

In recent years, malicious insider attacks have become a common fraudulent activity in which an attacker is often perceived as a trusted entity in Social Networks (SNs). At present, machine learning (ML) approaches are widely used to identify the behavior of users in the network. From this perspective, this paper presents an integrated approach, namely, Social network malicious insider detection (SID), which consists of long short-term memory (LSTM) and time-based trust evaluation (TBTE). The proposed SID aims to identify deviations in SN user behavior by monitoring their data. The proposed SID uses LSTM, an advanced version of the recurrent neural network (RNN), which precisely predicts the behavior of users and identifies the anomaly pattern in SNs. A time-based trust evaluation method is integrated with LSTM, which not only differentiates the abnormal behavior of SN users but also precisely categorizes an anomaly node as a malicious node, a new user or a broken node. Moreover, the proposed SID detects insiders accurately and reduces false alarms by providing a novel quantitative analysis for computing the balancing factor according to time, which avoids the misinterpretation of normal user patterns as anomalies. The performance of the proposed SID is evaluated in real time, which demonstrates that the detection accuracy for attacks is 96% for normal users and 98% for new users with a smaller time span.

Author information

Corresponding author

Correspondence to D. Sangeetha.

Ethics declarations

Conflict of interest

The authors declare no competing interests.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

We certify that the submission is original work and is not under review at any other publication.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

About this article

Cite this article

Nathezhtha, T., Sangeetha, D. & Vaidehi, V. Social network malicious insider detection using time-based trust evaluation. Ann. Telecommun. 78, 585–597 (2023). https://doi.org/10.1007/s12243-023-00959-6

  • DOI: https://doi.org/10.1007/s12243-023-00959-6
