{"id":"https://openalex.org/W4391759517","doi":"https://doi.org/10.1109/access.2024.3365424","title":"Detecting and Identifying Insider Threats Based on Advanced Clustering Methods","display_name":"Detecting and Identifying Insider Threats Based on Advanced Clustering Methods","publication_year":2024,"publication_date":"2024-01-01","ids":{"openalex":"https://openalex.org/W4391759517","doi":"https://doi.org/10.1109/access.2024.3365424"},"language":"en","primary_location":{"id":"doi:10.1109/access.2024.3365424","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3365424","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10433132.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10433132.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5054103055","display_name":"Oksana \u0145ikiforova","orcid":"https://orcid.org/0000-0001-7983-3088"},"institutions":[{"id":"https://openalex.org/I201787326","display_name":"Riga Technical University","ror":"https://ror.org/00twb6c09","country_code":"LV","type":"education","lineage":["https://openalex.org/I201787326"]}],"countries":["LV"],"is_corresponding":true,"raw_author_name":"Oksana Nikiforova","raw_affiliation_strings":["Faculty of Computer Science and Information Technology, Riga Technical University, Riga, Latvia"],"affiliations":[{"raw_affiliation_string":"Faculty of Computer Science and Information Technology, Riga Technical University, Riga, Latvia","institution_ids":["https://openalex.org/I201787326"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022258995","display_name":"Andrejs Rom\u0101novs","orcid":"https://orcid.org/0000-0003-1645-2741"},"institutions":[{"id":"https://openalex.org/I201787326","display_name":"Riga Technical University","ror":"https://ror.org/00twb6c09","country_code":"LV","type":"education","lineage":["https://openalex.org/I201787326"]}],"countries":["LV"],"is_corresponding":false,"raw_author_name":"Andrejs Romanovs","raw_affiliation_strings":["Faculty of Computer Science and Information Technology, Riga Technical University, Riga, Latvia"],"affiliations":[{"raw_affiliation_string":"Faculty of Computer Science and Information Technology, Riga Technical University, Riga, Latvia","institution_ids":["https://openalex.org/I201787326"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084643860","display_name":"Vitaly Zabiniako","orcid":"https://orcid.org/0000-0002-1307-1815"},"institutions":[{"id":"https://openalex.org/I141777705","display_name":"Latvian Biomedical Research and Study Centre","ror":"https://ror.org/01gckhp53","country_code":"LV","type":"facility","lineage":["https://openalex.org/I141777705"]}],"countries":["LV"],"is_corresponding":false,"raw_author_name":"Vitaly Zabiniako","raw_affiliation_strings":["ABC Software Ltd., Riga, Latvia","\"ABC software\" Ltd, Riga, Latvia"],"affiliations":[{"raw_affiliation_string":"ABC Software Ltd., Riga, Latvia","institution_ids":["https://openalex.org/I141777705"]},{"raw_affiliation_string":"\"ABC software\" Ltd, Riga, Latvia","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5062508268","display_name":"Jurijs Kornienko","orcid":null},"institutions":[{"id":"https://openalex.org/I141777705","display_name":"Latvian Biomedical Research and Study Centre","ror":"https://ror.org/01gckhp53","country_code":"LV","type":"facility","lineage":["https://openalex.org/I141777705"]}],"countries":["LV"],"is_corresponding":false,"raw_author_name":"Jurijs Kornienko","raw_affiliation_strings":["ABC Software Ltd., Riga, Latvia","\"ABC software\" Ltd, Riga, Latvia"],"affiliations":[{"raw_affiliation_string":"ABC Software Ltd., Riga, Latvia","institution_ids":["https://openalex.org/I141777705"]},{"raw_affiliation_string":"\"ABC software\" Ltd, Riga, Latvia","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5054103055"],"corresponding_institution_ids":["https://openalex.org/I201787326"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":5.4878,"has_fulltext":true,"cited_by_count":16,"citation_normalized_percentile":{"value":0.96029865,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":100},"biblio":{"volume":"12","issue":null,"first_page":"30242","last_page":"30253"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9947999715805054,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9947999715805054,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9947999715805054,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9940999746322632,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/insider-threat","display_name":"Insider threat","score":0.7324217557907104},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7019351720809937},{"id":"https://openalex.org/keywords/cluster-analysis","display_name":"Cluster analysis","score":0.6739746332168579},{"id":"https://openalex.org/keywords/insider","display_name":"Insider","score":0.5391770601272583},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.36479347944259644},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.34735918045043945},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2317667007446289}],"concepts":[{"id":"https://openalex.org/C2776633304","wikidata":"https://www.wikidata.org/wiki/Q6038026","display_name":"Insider threat","level":3,"score":0.7324217557907104},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7019351720809937},{"id":"https://openalex.org/C73555534","wikidata":"https://www.wikidata.org/wiki/Q622825","display_name":"Cluster analysis","level":2,"score":0.6739746332168579},{"id":"https://openalex.org/C2778971194","wikidata":"https://www.wikidata.org/wiki/Q1664551","display_name":"Insider","level":2,"score":0.5391770601272583},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.36479347944259644},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.34735918045043945},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2317667007446289},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2024.3365424","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3365424","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10433132.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:fae556af3f7f44869996db7bda93c864","is_oa":true,"landing_page_url":"https://doaj.org/article/fae556af3f7f44869996db7bda93c864","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 12, Pp 30242-30253 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2024.3365424","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3365424","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10433132.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.6399999856948853,"id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G8538480564","display_name":null,"funder_award_id":"5.1.1.2.i.0/1/22/A/CFLA/008","funder_id":"https://openalex.org/F4320338370","funder_display_name":"FP7 Information and Communication Technologies"}],"funders":[{"id":"https://openalex.org/F4320338370","display_name":"FP7 Information and Communication Technologies","ror":null}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4391759517.pdf","grobid_xml":"https://content.openalex.org/works/W4391759517.grobid-xml"},"referenced_works_count":25,"referenced_works":["https://openalex.org/W1540089290","https://openalex.org/W2075900721","https://openalex.org/W2097749765","https://openalex.org/W2127218421","https://openalex.org/W2338134760","https://openalex.org/W2726539084","https://openalex.org/W2810649886","https://openalex.org/W2952403532","https://openalex.org/W2955431690","https://openalex.org/W2963174546","https://openalex.org/W3107539575","https://openalex.org/W3132843855","https://openalex.org/W3159946074","https://openalex.org/W3167042688","https://openalex.org/W3198059898","https://openalex.org/W3206774219","https://openalex.org/W4206916640","https://openalex.org/W4235646468","https://openalex.org/W4255775213","https://openalex.org/W4255936160","https://openalex.org/W4293696978","https://openalex.org/W4372342654","https://openalex.org/W4388758158","https://openalex.org/W4390777861","https://openalex.org/W6678914141"],"related_works":["https://openalex.org/W2766781562","https://openalex.org/W4205304595","https://openalex.org/W2792608345","https://openalex.org/W2979782961","https://openalex.org/W308359497","https://openalex.org/W1499596878","https://openalex.org/W3136170567","https://openalex.org/W2947769183","https://openalex.org/W26305611","https://openalex.org/W4399147188"],"abstract_inverted_index":{"This":[0,124],"paper":[1],"explores":[2],"the":[3,115,129],"analysis":[4],"of":[5,146],"user":[6,54,68,102,122],"behavior":[7,16,41,55,76,104,116],"in":[8,40,56,119,144],"information":[9],"systems":[10],"through":[11],"audit":[12],"records,":[13],"creating":[14],"a":[15,20,27],"model":[17,23,117],"represented":[18],"as":[19],"graph.":[21],"The":[22,60,81,97],"captures":[24],"actions":[25,113],"over":[26],"specified":[28],"period,":[29],"facilitating":[30],"real-time":[31],"comparison":[32],"to":[33,106,127,132],"identify":[34,107],"insider":[35],"threats":[36],"exploring":[37],"anomalies":[38,108],"detected":[39],"models.":[42],"\"e-StepControl,\"":[43],"developed":[44],"by":[45,71,109],"\"ABC":[46],"software\"":[47],"Ltd.,":[48],"incorporates":[49],"this":[50,64],"approach":[51],"for":[52,90],"monitoring":[53],"different":[57],"business":[58],"environments.":[59],"study":[61],"proposes":[62],"enhancing":[63],"solution":[65],"with":[66,114,141],"automatic":[67],"clustering,":[69],"achieved":[70],"grouping":[72,91],"individuals":[73],"exhibiting":[74],"similar":[75],"patterns":[77],"using":[78],"AI/ML":[79],"algorithms.":[80],"research":[82],"evaluates":[83],"various":[84],"clustering":[85],"methods,":[86],"discussing":[87],"their":[88,95,120],"suitability":[89],"users":[92],"based":[93],"on":[94],"behavior.":[96,150],"subsequent":[98],"step":[99],"involves":[100],"leveraging":[101],"class":[103],"models":[105],"comparing":[110],"an":[111],"individual\u2019s":[112],"expected":[118],"specific":[121],"group.":[123],"extension":[125],"aims":[126],"enhance":[128],"system\u2019s":[130],"ability":[131],"detect":[133],"potentially":[134],"malicious":[135],"activities,":[136],"providing":[137],"data":[138],"security":[139],"administrators":[140],"timely":[142],"alerts":[143],"case":[145],"deviations":[147],"from":[148],"typical":[149]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":5}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}