[ICANN 2023] Anomaly-Based Insider Threat Detection via Hierarchical Information Fusion
-
Updated
Nov 20, 2023 - Jupyter Notebook
[ICANN 2023] Anomaly-Based Insider Threat Detection via Hierarchical Information Fusion
A comprehensive machine learning and deep learning pipeline for detecting insider threats using the CERT r4.1 dataset. This project combines unsupervised anomaly detection, supervised machine learning, and advanced deep learning architectures to identify anomalous user behavior in enterprise environments.
An end-to-end AI system for detecting insider threats using a hybrid machine learning approach (Isolation Forest + XGBoost). Features a high-performance ETL pipeline using DuckDB, real-time inference via FastAPI, and integrated Explainable AI (SHAP) for transparent risk assessment on the CERT R4.2 dataset.
Patent-aligned cybersecurity prototype implementing dynamic trust-based adaptive access control using credential integrity, competence evidence, behavioral risk, and event-driven trust recomputation.
Cyber - Eye (Frontend only) , hosted via netlify
FedShield-ID: Privacy-First Identity Trust Platform using Federated Learning, Differential Privacy, Post-Quantum Security, Explainable AI and Behavioral Analytics for Banking Networks.
Insider Threat Monitor
Production-ready insider threat detection with 99.81% accuracy - 5 ML/DL models + XAI (SHAP/LIME)
🛡️ SENTRY — Privileged-access defence for banking infrastructure. Explainable risk scoring, graded real-time enforcement, and post-quantum verifiable evidence, wrapped in an editorial-grade console.
A custom MITRE ATT&CK®-style framework for insider threat detection and investigation — structured as a kill chain, mapped to ATT&CK, with 130+ detection ID mappings.
Network profiling and behavior analysis
Experimental code for the PhD dissertation research on data leak detection in corporate networks based on evolutionary algorithms
AI-Powered Multi-Agent SOC (Security Operations Center) Platform A cybersecurity pipeline using 5 AI agents for real-time insider threat detection, risk analysis, and automated response. Built with Django, Next.js, Llama 3.1, LangGraph, and Reinforcement Learning. Developed as part of the 4th-year Integrated Project at Esprit School of Engineering
Two-stage insider threat detection on CERT r4.2: lightweight XGBoost screening + LLM-based reasoning over graph-informed narratives. University of Ottawa, CSI 5388.
Enterprise-grade continuous trust intelligence and insider threat detection platform powered by Post-Quantum Cryptography (PQC) and AI.
*This simulation captures core, widely observed attacker behaviors aligned with common enterprise intrusion patterns. From brute-force access to obfuscated execution, persistence, recon, and privilege assessment, each step reflects actions that threat actors commonly execute after compromising a host.
Cyber Projects
Add a description, image, and links to the insider-threat-detection topic page so that developers can more easily learn about it.
To associate your repository with the insider-threat-detection topic, visit your repo's landing page and select "manage topics."