We are living in the age of advanced digital era. We could not even have thought of living without digital gadgets. Almost all the public and private sectors are working with digital data. There is a need to secure this confidential digital data from insider and outsider cyber-attacks. This research paper includes the survey of insider threat detection methods. Insider threats detection are more difficult because insiders are having all privileges or credentials to access the resources and no one will suspect on them. It is easy to transfer the digital data and access can be given to handle this data remotely through compromised insiders. Insider threats results in digital data theft, data leakage and data loss which impacts on profit level and damage the organization image in the market. Survey covers emerging technologies used for detection of insider threats. This research paper identifies the trends of tools, methods used for insider threat detection. It presents information year wise in statistical tabular format. This paper gives insight for future work and challenges to mitigate the cyber-attacks by insider threats.

Insider threats, cyber-attacks, detection methods

[1] J. Epstein, “Security Lessons Learned from Society,” IEEE Secur. Priv. Mag., vol. 6, no. 3, pp. 80–82, May 2008.
[2] B. M. Bowen, M. Ben Salem, S. Hershkop, A. D. Keromytis, and S. J. Stolfo, “Designing Host and Network Sensors to Mitigate the Insider Threat,” IEEE Secur. Priv. Mag., vol. 7, no. 6, pp. 22–29, Nov. 2009.
[3] D. Caputo, M. Maloof, and G. Stephens, “Detecting Insider Theft of Trade Secrets,” IEEE Secur. Priv. Mag., vol. 7, no. 6, pp. 14–21, Nov. 2009.
[4] S. L. Pfleeger and S. J. Stolfo, “Addressing the Insider Threat,” IEEE Secur. Priv. Mag., vol. 7, no. 6, pp. 10–13, Nov. 2009.
[5] F. Duran, S. H. Conrad, G. N. Conrad, D. P. Duggan, and E. B. Held, “Building A System For Insider Security,” IEEE Secur. Priv. Mag., vol. 7, no. 6, pp. 30–38, Nov. 2009.
[6] G. M. Coates, K. M. Hopkinson, S. R. Graham, and S. H. Kurkowski, “A Trust System Architecture for SCADA Network Security,” IEEE Trans. Power Deliv., vol. 25, no. 1, pp. 158–169, Jan. 2010.
[7] S. L. Pfleeger, J. B. Predd, J. Hunker, and C. Bulford, “Insiders Behaving Badly: Addressing Bad Actors and Their Actions,” IEEE Trans. Inf. Forensics Secur., vol. 5, no. 1, pp. 169–179, Mar. 2010.
[8] R. Beyah and A. Venkataraman, “Rogue-Access-Point Detection: Challenges, Solutions, and Future Directions,” IEEE Secur. Priv. Mag., vol. 9, no. 5, pp. 56–61, Sep. 2011.
[9] M. Mansoori and Ray Hunt, “An ISP Based Notification and Detection System to Maximize Efficiency of Client Honeypots in Protection of End Users,” Int. J. Netw. Secur. Its Appl., vol. 3, no. 5, pp. 59–73, Sep. 2011.
[10] Y. Chen, S. Nyemba, and B. Malin, “Detecting Anomalous Insiders in Collaborative Information Systems,” IEEE Trans. Dependable Secure Comput., vol. 9, no. 3, pp. 332–344, May 2012.
[11] X. Li, Y. Xue, and B. Malin, “Detecting Anomalous User Behaviors in Workflow-Driven Web Applications,” 2012, pp. 1–10.
[12] P. Legg et al., “Towards a Conceptual Model and Reasoning Structure for Insider Threat Detection,” p. 19, 2013.
[13] S. Omar, A. Ngadi, and H. H. Jebur, “An Adaptive Intrusion Detection Model based on Machine Learning Techniques,” Int. J. Comput. Appl., vol. 70, no. 7, pp. 1–5, May 2013.
[14] M. Bishop et al., “Insider Threat Identification by Process Analysis,” in 2014 IEEE Security and Privacy Workshops, San Jose, CA, 2014, pp. 251–264.
[15] A. Azaria, A. Richardson, S. Kraus, and V. S. Subrahmanian, “Behavioral Analysis of Insider Threat: A Survey and Bootstrapped Prediction in Imbalanced Data,” IEEE Trans. Comput. Soc. Syst., vol. 1, no. 2, pp. 135–155, Jun. 2014.
[16] Z. Malek and D. B. Trivedi, “The Rule Based Intrusion Detection Model for User Behavior,” Int. J. Adv. Res. Comput. Sci. Softw. Eng., p. 4, 2015.
[17] K. Padayachee, “Aspectising honeytokens to contain the insider threat,” IET Inf. Secur., vol. 9, no. 4, pp. 240–247, Jul. 2015.
[18] I. Atoum and A. Otoom, “Effective Belief Network for Cyber Security Frameworks,” Int. J. Secur. Its Appl., vol. 10, no. 4, pp. 221–228, Apr. 2016.
[19] H. Bao, R. Lu, B. Li, and R. Deng, “BLITHE: Behavior Rule-Based Insider Threat Detection for Smart Grid,” IEEE Internet Things J., vol. 3, no. 2, pp. 190–205, Apr. 2016
[20] M. Ali et al., “SeDaSC: Secure Data Sharing in Clouds,” IEEE Syst. J., vol. 11, no. 2, pp. 395–404, Jun. 2017.
[21] B. Bose, B. Avasarala, S. Tirthapura, Y.-Y. Chung, and D. Steiner, “Detecting Insider Threats Using RADISH: A System for Real-Time Anomaly Detection in Heterogeneous Data Streams,” IEEE Syst. J., vol. 11, no. 2, pp. 471–482, Jun. 2017.
[22] A. M. Ali and P. Angelov, “Anomalous behaviour detection based on heterogeneous data and data fusion,” Soft Comput., vol. 22, no. 10, pp. 3187–3201, May 2018.
[23] X. Huang, Y. Lu, D. Li, and M. Ma, “A Novel Mechanism for Fast Detection of Transformed Data Leakage,” IEEE Access, vol. 6, pp. 35926–35936, 2018.
[24] L. Liu, O. De Vel, C. Chen, J. Zhang, and Y. Xiang, “Anomaly-Based Insider Threat Detection Using Deep Autoencoders,” in 2018 IEEE International Conference on Data Mining Workshops (ICDMW), Singapore, Singapore, 2018, pp. 39–48.
[25] S. Elshafei and A. Abdelnaby, “Using semantic variations in clustering insiders behavior,” in 2018 6th International Symposium on Digital Forensic and Security (ISDFS), Antalya, 2018, pp. 1–5.
[26] M. Dahmane and S. Foucher, “Combating Insider Threats by User Profiling from Activity Logging Data,” in 2018 1st International Conference on Data Intelligence and Security (ICDIS), South Padre Island, TX, 2018, pp. 194–199. [26] Yakubu Ajiji Makeri, "The role of Cyber Security and Human-Technology Centric for Digital Transformation", International Journal of Scientific Research in Computer Science and Engineering, Vol.6, Issue.6, pp.53-59, 2018.
[27] S. Garg, K. Kaur, N. Kumar, and J. J. P. C. Rodrigues, “Hybrid Deep-Learning-Based Anomaly Detection Scheme for Suspicious Flow Detection in SDN: A Social Multimedia Perspective,” IEEE Trans. Multimed., vol. 21, no. 3, pp. 566–578, Mar. 2019.
[28] W. Shen, J. Qin, J. Yu, R. Hao, and J. Hu, “Enabling Identity-Based Integrity Auditing and Data Sharing With Sensitive Information Hiding for Secure Cloud Storage,” IEEE Trans. Inf. Forensics Secur., vol. 14, no. 2, pp. 331–346, Feb. 2019.
[29] P. Santra, "An Expert Forensic Investigation System for Detecting Malicious Attacks and Identifying Attackers in Cloud Environment", International Journal of Scientific Research in Network Security and Communication, Vol.6, Issue.5, pp.1-26, 2018.
[30] Afzal Ahmad, Mohammad Asif, Shaikh Rohan Ali, "Review Paper on Shallow Learning and Deep Learning Methods for Network security", International Journal of Scientific Research in Computer Science and Engineering, Vol.6, Issue.5, pp.45-54, 2018.
[31] Poonam Devi , "Attacks on Cloud Data: A Big Security Issue", International Journal of Scientific Research in Network Security and Communication, Vol.6, Issue.2, pp.15-18, 2018.
[32] Yakubu Ajiji Makeri, "The role of Cyber Security and Human-Technology Centric for Digital Transformation", International Journal of Scientific Research in Computer Science and Engineering, Vol.6, Issue.6, pp.53-59, 2018.