Lavanya P, Glory H Anila, Aggarwal Manuj, Sriram V S Shankar
Centre for Information Super Highway (CISH), School of Computing, SASTRA Deemed University, Thanjavur, Tamil Nadu, India.
Cyber Security R&D, Ministry of Electronics and Information Technology (MeitY), New Delhi, India.
Sci Rep. 2025 Jul 23;15(1):26718. doi: 10.1038/s41598-025-12127-y.
Designing insider threat detection models with neural networks significantly improves their performance and ensures the precise identification of security breaches within network infrastructure. However, developing such models involves substantial challenges in addressing the class imbalance problem, which degrades detection performance on high-dimensional data. This article therefore presents a novel approach called Hybrid Optimized Generative Pretrained Neural Network based Insider Threat Detection (HOGPNN-ITD). The proposed approach is composed of an Adabelief Wasserstein Generative Adversarial Network (ABWGAN), with Expected Hypervolume Improvement (EHI) hyperparameter optimization, for adversarial sample generation, and an L2-Starting Point (L2-SP) regularized pretrained Attention Graph Convolutional Network (AGCN) to detect insiders in the network infrastructure. The approach involves three phases: (1) a Chebyshev Graph Laplacian Eigenmaps solver (CGLE) for selecting the user-designated samples by reducing the dimensionality of the data, and Insider State clustering via Density-Based Spatial Clustering of Applications with Noise (IS-DBSCAN); (2) the EHI of multi-objective Bayesian optimization for optimizing the sensitive learning rate hyperparameter to ensure the stability of the Adabelief optimized WGAN and improve the quality of the generated adversarial samples; and (3) the L2-SP regularization technique, which effectively fine-tunes the pretrained AGCN that identifies the user behavioural pattern to detect the insiders. The performance of the proposed approach was examined using the benchmark insider threat dataset. In the experiments, the proposed approach detects the suspicious behaviour of the insider with a high detection rate and a minimal false alarm rate.