Insider Threat Detection Using GCN and Bi-LSTM With Explicit and Implicit Graph Representations
Summary
This article presents a new method for detecting insider threats (malicious activities by trusted employees within an organization) by combining two types of graph structures (explicit graphs based on predefined rules and implicit graphs derived from data patterns) with neural network models (GCNs and Bi-LSTM, which are deep learning architectures that process network relationships and temporal sequences). The framework was tested on two datasets and achieved very high accuracy rates, correctly identifying 100% of threats on one dataset while maintaining a low false positive rate (incorrectly flagging normal activity as suspicious).
Classification
Original source: http://ieeexplore.ieee.org/document/11311570
First tracked: July 16, 2026 at 02:12 AM
Classified by LLM (prompt v3) · confidence: 82%