{"id":"https://openalex.org/W2909135150","doi":"https://doi.org/10.1145/3290688.3290692","title":"Insider Threat Detection with Long Short-Term Memory","display_name":"Insider Threat Detection with Long Short-Term Memory","publication_year":2019,"publication_date":"2019-01-14","ids":{"openalex":"https://openalex.org/W2909135150","doi":"https://doi.org/10.1145/3290688.3290692","mag":"2909135150"},"language":"en","primary_location":{"id":"doi:10.1145/3290688.3290692","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3290688.3290692","pdf_url":null,"source":{"id":"https://openalex.org/S4306524001","display_name":"Proceedings of the Australasian Computer Science Week Multiconference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Australasian Computer Science Week Multiconference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5047352685","display_name":"Jiuming Lu","orcid":null},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Jiuming Lu","raw_affiliation_strings":["School of Computer Science and Engineering, University of New South Wales, Sydney, New South Wales"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, University of New South Wales, Sydney, New South Wales","institution_ids":["https://openalex.org/I31746571"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5015158455","display_name":"Raymond K. Wong","orcid":"https://orcid.org/0000-0002-9814-6029"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Raymond K. Wong","raw_affiliation_strings":["School of Computer Science and Engineering, University of New South Wales, Sydney, New South Wales"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, University of New South Wales, Sydney, New South Wales","institution_ids":["https://openalex.org/I31746571"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5047352685"],"corresponding_institution_ids":["https://openalex.org/I31746571"],"apc_list":null,"apc_paid":null,"fwci":5.9411,"has_fulltext":false,"cited_by_count":73,"citation_normalized_percentile":{"value":0.96465473,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"10"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/insider-threat","display_name":"Insider threat","score":0.9314641952514648},{"id":"https://openalex.org/keywords/insider","display_name":"Insider","score":0.8352326154708862},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7710725665092468},{"id":"https://openalex.org/keywords/term","display_name":"Term (time)","score":0.6814148426055908},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6474267244338989},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.63883376121521},{"id":"https://openalex.org/keywords/sequence","display_name":"Sequence (biology)","score":0.4676157236099243},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.427262544631958},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3478243350982666}],"concepts":[{"id":"https://openalex.org/C2776633304","wikidata":"https://www.wikidata.org/wiki/Q6038026","display_name":"Insider threat","level":3,"score":0.9314641952514648},{"id":"https://openalex.org/C2778971194","wikidata":"https://www.wikidata.org/wiki/Q1664551","display_name":"Insider","level":2,"score":0.8352326154708862},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7710725665092468},{"id":"https://openalex.org/C61797465","wikidata":"https://www.wikidata.org/wiki/Q1188986","display_name":"Term (time)","level":2,"score":0.6814148426055908},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6474267244338989},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.63883376121521},{"id":"https://openalex.org/C2778112365","wikidata":"https://www.wikidata.org/wiki/Q3511065","display_name":"Sequence (biology)","level":2,"score":0.4676157236099243},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.427262544631958},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3478243350982666},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C54355233","wikidata":"https://www.wikidata.org/wiki/Q7162","display_name":"Genetics","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3290688.3290692","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3290688.3290692","pdf_url":null,"source":{"id":"https://openalex.org/S4306524001","display_name":"Proceedings of the Australasian Computer Science Week Multiconference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Australasian Computer Science Week Multiconference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.75,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":42,"referenced_works":["https://openalex.org/W179875071","https://openalex.org/W1486472792","https://openalex.org/W1516532723","https://openalex.org/W1520857056","https://openalex.org/W1540258466","https://openalex.org/W1811853421","https://openalex.org/W1919179112","https://openalex.org/W1969412696","https://openalex.org/W1985987493","https://openalex.org/W1990089904","https://openalex.org/W2008056655","https://openalex.org/W2032620230","https://openalex.org/W2039157918","https://openalex.org/W2089468765","https://openalex.org/W2096017373","https://openalex.org/W2114554028","https://openalex.org/W2116261113","https://openalex.org/W2125283600","https://openalex.org/W2133738343","https://openalex.org/W2166311720","https://openalex.org/W2168393938","https://openalex.org/W2255638286","https://openalex.org/W2288293293","https://openalex.org/W2293634267","https://openalex.org/W2335999708","https://openalex.org/W2402144811","https://openalex.org/W2411741275","https://openalex.org/W2529435904","https://openalex.org/W2536393303","https://openalex.org/W2538737552","https://openalex.org/W2560021099","https://openalex.org/W2583874385","https://openalex.org/W2585939463","https://openalex.org/W2729199241","https://openalex.org/W2761599262","https://openalex.org/W2782676577","https://openalex.org/W2782742819","https://openalex.org/W2783357966","https://openalex.org/W2808709910","https://openalex.org/W2902455138","https://openalex.org/W2953384591","https://openalex.org/W6713134421"],"related_works":["https://openalex.org/W2766781562","https://openalex.org/W4205304595","https://openalex.org/W2792608345","https://openalex.org/W2979782961","https://openalex.org/W308359497","https://openalex.org/W1499596878","https://openalex.org/W3136170567","https://openalex.org/W2947769183","https://openalex.org/W4387194049","https://openalex.org/W2018332730"],"abstract_inverted_index":{"Most":[0],"organizations":[1],"these":[2],"days":[3],"are":[4,32],"increasingly":[5],"threatened":[6],"by":[7],"malicious":[8,39,85],"insiders.":[9],"The":[10],"traditional":[11],"cybersecurity":[12],"system":[13,63,71,95],"uses":[14],"historical":[15],"logs":[16,64],"to":[17,34,61,80],"investigate/prevent":[18],"attacks":[19],"from":[20,38,84],"outside":[21],"a":[22,44,52,66],"company.":[23],"However,":[24],"for":[25,106],"insider":[26],"threats,":[27],"new":[28],"models":[29],"and":[30],"techniques":[31],"required":[33],"differentiate":[35,81],"normal":[36,77,82],"behaviour":[37,79,83],"acts.":[40,86],"This":[41,103],"paper":[42],"proposes":[43],"system,":[45],"called":[46],"Insider":[47],"Catcher,":[48],"that":[49,74],"bases":[50],"on":[51],"deep":[53],"neural":[54],"network":[55],"with":[56],"Long":[57],"Short-Term":[58],"Memory":[59],"(LSTM)":[60],"model":[62],"as":[65],"natural":[67],"structured":[68],"sequence.":[69],"Our":[70],"captures":[72],"patterns":[73],"indicate":[75],"users'":[76],"usage":[78],"Experiments":[87],"show":[88],"the":[89,93,97],"superior":[90],"performance":[91],"of":[92],"proposed":[94],"over":[96],"existing":[98],"log-based":[99],"anomaly":[100],"detection":[101],"strategies.":[102],"is":[104],"particularly":[105],"real-time":[107],"online":[108],"cases.":[109]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":12},{"year":2023,"cited_by_count":20},{"year":2022,"cited_by_count":8},{"year":2021,"cited_by_count":13},{"year":2020,"cited_by_count":8},{"year":2019,"cited_by_count":3}],"updated_date":"2026-04-06T07:47:59.780226","created_date":"2025-10-10T00:00:00"}