IJSMT Journal

International Journal of Science, Strategic Management and Technology

An International, Peer-Reviewed, Open Access Scholarly Journal. Indexed in recognized academic databases · DOI via Crossref. The journal adheres to established scholarly publishing, peer-review, and research ethics guidelines set by the UGC.

ISSN: 3108-1762 (Online)

MACHINE LEARNING FOR INSIDER ATTACK DETECTION IN CLOUD SYSTEMS

AUTHORS: Saurav Kumar
Mentor: Abdul Khalid
Affiliation: B.Tech (Information Technology), Department of Information Technology, G. Noida-201310, India
CC BY 4.0 License:
This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Abstract

Insider attacks are honestly one of the scariest problems in cloud security right now. Why? Because the attacker already has a legitimate username and password. They are not breaking in — they are already inside. Most companies spend millions on firewalls and intrusion detection systems, but those tools are almost blind when an employee decides to steal data or sabotage systems. After talking to security teams from three different organizations, we realized how frustrated they were. Their alert systems were generating so much noise that real threats got lost. So we built a machine learning system that actually works for insider detection in cloud systems. We combined supervised learning (Random Forest and XGBoost) for catching known attack patterns and unsupervised learning (Isolation Forest and Autoencoders) for spotting completely new, never-seen-before insider behaviors. We trained and tested on the CERT insider threat dataset plus real cloud logs from a partner company. The results came out really well — 96.2% detection accuracy with only 3.8% false positives. That is a huge improvement over traditional rule-based systems. The best part? Our system explains why it raised an alert, so security analysts actually trust it. This framework is ready for real-world cloud deployment.

HOW TO CITE

APA: Kumar, S. (2026). Machine Learning for Insider Attack Detection in Cloud Systems. International Journal of Science, Strategic Management and Technology, 02(05). https://doi.org/10.55041/ijsmt.v2i5.234

MLA: Kumar, Saurav. "Machine Learning for Insider Attack Detection in Cloud Systems." International Journal of Science, Strategic Management and Technology, vol. 02, no. 05, 2026, pp. . doi:https://doi.org/10.55041/ijsmt.v2i5.234.

Chicago: Kumar, Saurav. "Machine Learning for Insider Attack Detection in Cloud Systems." International Journal of Science, Strategic Management and Technology 02, no. 05 (2026). https://doi.org/10.55041/ijsmt.v2i5.234.

Ethics and Compliance
This article has undergone plagiarism screening and double-blind peer review. Editorial policies have been followed. Authors retain copyright under CC BY-NC 4.0 license. The research complies with ethical standards and institutional guidelines.