Hybrid Machine Learning for Enhanced Insider Threat Detection Using Generative Latent Features

© 2025 by IJETT Journal
Volume-73 Issue-6
Year of Publication : 2025
Author : Pennada Siva Satya Prasad, Sasmita Kumari Nayak, M. Vamsi Krishna
DOI : 10.14445/22315381/IJETT-V73I6P110

How to Cite?
Pennada Siva Satya Prasad, Sasmita Kumari Nayak, M. Vamsi Krishna, "Hybrid Machine Learning for Enhanced Insider Threat Detection Using Generative Latent Features," International Journal of Engineering Trends and Technology, vol. 73, no. 6, pp. 102-113, 2025. Crossref, https://doi.org/10.14445/22315381/IJETT-V73I6P110

Abstract
Insider threats are a constant and evolving security threat to organizations, causing vast financial and reputational damage. Although suited to detecting typical anomalies, conventional machine learning and deep learning models fail to detect the fine-grained and complex patterns typical of malicious insiders, especially on datasets with severe class imbalance. The authors' research validates the hybrid model on the CERT dataset, which exhibits this imbalance. For comparison, existing generative AI techniques like Deep Autoencoders (DAEs) and Variational Autoencoders (VAEs) provide stronger anomaly detection based on latent feature extraction. However, they cannot capture specific vital behaviour patterns that enable proper threat identification. The paper presents a new hybrid method that addresses these weaknesses. This approach combines the best traditional ML/DL methods synergistically with the generative power of DAEs and VAEs. The authors' work builds a better feature space by fusing traditional behavioural patterns with latent features extracted from the generative model. This feature space supports building a strong model that can perceive both general and specific insider anomalies and activities, leading to much better detection performance. Experimental findings show that the authors' hybrid model considerably outperforms standalone ML/DL and generative AI models on important performance measures, achieving a 6.2% accuracy improvement, with reduced false positives and enhanced detection accuracy in sophisticated insider threat scenarios. These findings supplement the authors' earlier work, which investigated feature categorization and baseline ML/DL approaches on the CERT dataset and serves as a foundation for this hybrid approach, and they demonstrate the advantage of combining generative AI with traditional machine learning for improved performance in adverse environments.

Keywords
Insider threat detection, Hybrid model, Generative AI (DAE, VAE), Feature fusion, CERT dataset, Resampling.
