Predictive Analytics for Insider Threats Using Multimodal Data (Log + Behavioural + Physical Security)
DOI:
https://doi.org/10.54536/ajiri.v4i3.6224
Keywords:
Behavioural Indicators, Cybersecurity Risk Management, Data Fusion, Insider Threats, Machine Learning, Multimodal Data, Organisational Resilience, Physical Security, Predictive Analytics, System Logs
Abstract
Insider threats are a continuous and dynamic problem in organizational security and may take various forms, such as abuse of authorized access to critical information systems and physical infrastructure. Traditional methods that treat system log analysis, behavioural monitoring, or physical access control in isolation often cannot identify multi-layered and subtle threat patterns. Predictive analytics built on multimodal data integration is a holistic approach: it combines heterogeneous data into coherent threat models that can pre-empt possible threats before they escalate. The paper discusses the effectiveness of predictive analytics in insider threat detection by analysing the connection between log records, behavioural indicators and physical security data. The focus is on designing integrative frameworks, using advanced machine learning algorithms, and the applied implications for operational resilience. Scalability, transparency of algorithms, and ethical considerations are also treated as critical issues for sound deployment in the modern security environment. The paper highlights the need to embrace multimodal predictive approaches as a tactical defence mechanism and to develop both theoretical arguments and practical interventions in cybersecurity risk management.
License
Copyright (c) 2025 Kh Said Al Mamun, Md Shadman Soumik, Md Mukidur Rahman, Mrinmoy Sarkar, Chowdhury Amin Abdullah, Mohammad Ali, Md Shahadat Hossain

This work is licensed under a Creative Commons Attribution 4.0 International License.



