Scenario-based Log Dataset for Combating the Insider Threat

Abstract

Insider threat is the most important security issue to various organizations in recent years. Insiders are people who can gain access to confidential information within the organization by using their legitimate access rights, and can cause enormous damage to the organization by leaking it to the outside. Various studies have been conducted to handle with insider threat such as scenario-based threat detection schemes. Recently, machine learning-based abnormal behavior detection has become the main focus of research. Most of machine learning schemes need enormous data to learn but there exist few dataset to deal with insider threat except for CERT dataset of Carnegie Mellon University. In this paper, we proposed log data based on actual insider threat events and various scenarios to define the log. The logs presented in this paper will help organize learning data for big data analysis and machine learning, and it is expected that more accurate insider threat detection will be possible.