ITDBERT: Temporal-semantic Representation for Insider Threat Detection

The objective and universal nature of user behavior data make it the primary data for insider threat detection. Existing solutions treat user behavior as atomic symbols and do not consider behavior semantic information. Meanwhile, fine-grained temporal information is ignored despite its relevance to describe user behavior. Such approaches inevitably lead to unsatisfactory performance and generalization. In this paper, we propose ITDBERT which embeds temporal information into behavior and catches the fused semantic representation via pre-trained language models. ITDBERT also leverages attention-based Bi-LSTM to provide behavior-level detection results. To verify the effectiveness of our proposed method, we conduct comparison experiments on Cert datasets. Our proposed model achieves an F1-score of 0.9243 in day-level insider threat detection, which outperforms baselines.

• Publication year

  2021

• Venue

  International Symposium on Computers and Communications

• Publication date

  2021-09-05

• Fields of study

  Computer Science

• Identifiers
  DOI 10.1109/ISCC53001.2021.9631538
• External record

  Open on Semantic Scholar

• Source metadata

  Semantic Scholar

• No claims are published for this paper.

• No concepts are published for this paper.

• No references are available for this paper.

• CAN-BiGRUBERT: Unveiling automotive vehicle intruders by profiling and characterizing anomalies in controller area network

  2026cites this paper
• LLMBA: Efficient Behavior Analytics via Large Pretrained Models in Zero Trust Networks

  2026cites this paper
• Integrating Human Factors into Insider Threat Detection – A Systematic Review

  2026cites this paper
• DMFI: A Dual-Modality Log Analysis Framework for Insider Threat Detection with LoRA-Tuned Language Models

  2025cites this paper
• An insider threat detection method based on improved Test-Time Training model

  2025cites this paper
• Ripple2Detect: A semantic similarity learning based framework for insider threat multi-step evidence detection

  2025cites this paper
• Insights into user behavioral-based insider threat detection: systematic review

  2025cites this paper
• User-Based Sequential Modeling with Transformer Encoders for Insider Threat Detection

  2025cites this paper
• DMFI: Dual-Modality Fine-Tuning and Inference Framework for LLM-Based Insider Threat Detection

  2025cites this paper
• Log2Sig: Frequency-Aware Insider Threat Detection via Multivariate Behavioral Signal Decomposition

  2025cites this paper
• MambaITD: An Efficient Cross-Modal Mamba Network for Insider Threat Detection

  2025cites this paper
• Insight-LLM: LLM-enhanced Multi-view Fusion in Insider Threat Detection

  2025cites this paper
• DPI-ITD: A Dual-Perspective Information-Driven Framework for Insider Threat Detection in IoT Systems

  2025influential citation
• Explicit Behavioral Embedding Method for Generating Explanations of Insider Threat Events

  2025cites this paper
• A Survey of Large Language Models for Insider Threat Detection

  2025influential citation
• Classifying Malicious Insider Threats Based On User Activity and Behavioral Profile Using Machine Learning

  2024cites this paper
• Machine learning approaches to detect, prevent and mitigate malicious insider threats: State-of-the-art review

  2024cites this paper
• MITD: A Multi-Dimensional Insider Threat Detection Framework Based On Deep Learning

  2024cites this paper
• A Review of Recent Advances, Challenges, and Opportunities in Malicious Insider Threat Detection Using Machine Learning Methods

  2024cites this paper
• LAN: Learning Adaptive Neighbors for Real-Time Insider Threat Detection

  2024influential citation
• Deep Dive into Insider Threats: Malicious Activity Detection within Enterprise

  2024cites this paper
• DTITD: An Intelligent Insider Threat Detection Framework Based on Digital Twin and Self-Attention Based Deep Learning Models

  2023cites this paper
• Temporal feature aggregation with attention for insider threat detection from activity logs

  2023cites this paper
• AttRSeq: Attack story reconstruction via sequence mining on causal graph

  2023cites this paper
• SPYRAPTOR: A Stream-based Smart Query System for Real-Time Threat Hunting within Enterprise

  2023cites this paper
• Insider Threat Detection: Using Classification Models

  2023cites this paper
• Hierarchical Classification Using Ensemble of Feed-Forward Networks for Insider Threat Detection from Activity Logs

  2023cites this paper
• RAP-Net: A Resource Access Pattern Network for Insider Threat Detection

  2022influential citation
• A Proposed Approach to Analyze Insider Threat Detection Using Emails

  2022cites this paper
• SeqA-ITD: User Behavior Sequence Augmentation for Insider Threat Detection at Multiple Time Granularities

  2022cites this paper