Saudi Cultural Missions Theses & Dissertations
Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10
Browse
2 results
Search Results
Item Restricted Towards Robust Cybersecurity Realm: An Exhaustive Evaluation of AI-Driven Approaches for Enhanced Insider Threat Detection(University of Warwick, 2024-01-08) Alyami, Rahf Yousif; Safa, Nader SohrabiToday, insider threats pose a significant risk to an organization's cybersecurity posture, often proving difficult to detect and causing substantial damage not only to an organization's financial resources but also to its reputation, mission, personnel, infrastructure, information, equipment, networks, or systems. Despite their critical importance, many organizations tend to primarily focus on external threats, unintentionally neglecting those that come from within. This study aims to explore the effectiveness of artificial intelligence in detecting insider threats in the cybersecurity landscape. It focuses on evaluating different algorithms and their ability to identify unusual behaviour patterns that indicate potential insider threats. To achieve this goal, the study involves developing a Python-based machine learning program in Jupyter Notebook to assess the performance of various anomaly-based and classification-based models such as One-Class Support Vector Machine (OCSVM), Isolation Forest (iForest), Support Vector Machine (SVM), Random Forest (RF), Adaptive Boosting (AdaBoost), Logistic Regression (LR), Extreme Gradient Boosting (XGBoost), and Neural Network (NN). Additionally, the study will conduct a comprehensive examination and comparative analysis of three sophisticated techniques: SelectKBest, Principal Component Analysis, and Synthetic Minority Over-sampling to enhance and optimize the performance of the selected models. This will ultimately lead to identifying the most efficient, anomaly, and classification-based detection models that deliver outstanding performance results, as well as identifying the best techniques to optimize their performance. For anomaly-based detection, the study's results revealed that the iForest algorithm demonstrated superior performance over OCSVM, achieving remarkable metrics of 90% Precision, 93% Recall, 92% F1-Score, and 93% Accuracy. For the classification-based models, a variety of combinations produced impressive results. The integration of the SMOTE technique and SelectKBest proved to be effective in reducing the occurrence of false positives. For instance, the RF-SMOTE-SelectKBest model showcased a remarkable 100% Recall and 99% Accuracy. The SVM-SMOTE-SelectKBest model maintained consistent performance metrics, recording 97% in Precision, Recall, F1-Score, and 99% Accuracy. The AdaBoost-SMOTE-SelectKBest model achieved 99% Accuracy. The XGBoost-SMOTE-SelectKBest model delivered 95% Precision, 95% Recall, 95% F1-Score, and 99% Accuracy. The NN-SMOTE-SelectKBest model exhibited exceptional performance, achieving 99% Accuracy, 97% Precision, and 95% Recall. The results of this study provide important insights into the ability of AI to efficiently identify insider threats, as well as in helping to select appropriate methods to enhance the effectiveness of insider threat detection.14 0Item Restricted IDENTIFICATION OF BEHAVIORAL INDICATORS IN MALICIOUS INSIDERS' THREATS IN CYBERSECURITY. A SURVEY QUANTITATIVE STUDY(Saudi Digital Library, 2023-12) Alanazi, Haifa; Liu, MichelleThis dissertation explores the critical issue of insider cybersecurity risks in the context of the oil and gas industry. The paper explores many facets of this phenomena, focusing on the factors that drive the personality traits, possibilities, and capabilities of these insiders as the industry faces an increasing threat from hostile insiders. This study's main goal is to provide a thorough examination of insider threats in the oil and gas industry with a focus on comprehending the underlying motivations and behavioral indications. The author aims to offer insightful information that can improve the cybersecurity practices used by the sector. The lack of focus on insider threats in the oil and gas industry is one obvious gap in the current body of literature. While external cybersecurity threats have been the subject of substantial research, insider threats are still largely unexplored. The dissertation examines the area of insider cybersecurity threats in the oil and gas industry by delving into four key research areas. These inquiries include a look at the motives that drive nefarious insiders within the industry, a look at how personality traits affect insider threats, a look at the circumstances that make it possible for such threats to happen, and a look at how insiders' skills affect the industry's overall cybersecurity risks. A quantitative approach was used to study these issues, and 95 oil and gas sector participants were polled. The questionnaires used a Likert scale. With the aid of the proper statistical software, descriptive and regression analysis of the data were performed. The results emphasize the critical part that motivations, personality, opportunity, and capabilities play in determining malevolent insider behavior. Notably, motives—such as unintended mistakes—were discovered to be important contributors to insider threats. According to the research, effective cybersecurity must include preventative measures, personnel training, and ongoing security assessments. This thesis offers the oil and gas sector insights to strengthen its cybersecurity defenses against insider threats, which has practical ramifications. It highlights the need for systematic preventive actions, an interdisciplinary strategy, and increased employee awareness to reduce the hazards brought on by hostile insiders. Additionally, it emphasizes how cybersecurity tactics are constantly altering in response to the shifting insider threat picture within the industry.53 0