SmartCluster Decision Model (SCDM): A Hybrid Approach for Insider Threat Detection Using Clustering and Decision Trees with Iterative Feedback
Students & Supervisors
Student Authors
Supervisors
Abstract
Insider threats remain one of the most significant threats in cybersecurity, and their subtle and sophisticated behaviors can evade existing detection methods. These threats, often carried out by trusted insiders with authorized access, may cause irreversible damage to an enterprise's data consistency, credibility and solvency. Although much work has been devoted to detecting such outliers, current approaches have difficulty distinguishing benign from malicious behavior with high accuracy. In this paper, we propose a new hybrid method of insider threat detection that combines unsupervised clustering with decision tree classification, with iterative feedback loops that enhance the model throughout. Leveraging information from various data sets, such as HTTP logs, device interactions and authentication records, we build a framework that captures complex behaviors that may indicate suspicious activity. The clustering techniques allow flexible adjustment to changing insider behaviors, whereas the decision tree classifier provides a clear and interpretable classification. This method establishes a base for comprehensive, real-time threat detection systems, delivering a scalable solution for companies looking to defend themselves against insider threats.
Keywords
Publication Details
- Type of Publication:
- Conference Name: IEEE 2nd INTERNATIONAL CONFERENCE ON COMPUTING, APPLICATIONS AND SYSTEMS (COMPAS 2025)
- Date of Conference: 30/09/2025 - 30/09/2025
- Venue: Islamic University Kushtia, Bangladesh.
- Organizer: IEEE Computer Society Bangladesh Chapter