 Beyond Firewall: Leveraging Machine Learning for Real-Time Insider Threats Identification and User ProfilingSaif Al-Dean Qawasmeh and
Ali Abdullah S. AlQahtani ()
Future Internet, 2025, vol. 17, issue 2, 1-26 Abstract: Insider threats pose a significant challenge to organizational cybersecurity, often leading to catastrophic financial and reputational damages. Traditional tools such as firewalls and antivirus systems lack the sophistication needed to detect and mitigate these threats in real time. This paper introduces a machine learning-based system that integrates real-time anomaly detection with dynamic user profiling, enabling the classification of employees into categories of low, medium, and high risk. The system was validated using a synthetic dataset, achieving exceptional accuracy across machine learning models, with XGBoost emerging as the most effective. Keywords: insider threats; machine learning; real-time detection; user behavior classification; risk assessment; anomaly detection; dynamic profiling (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:gam:jftint:v:17:y:2025:i:2:p:93-:d:1593339 Access Statistics for this article Future Internet is currently edited by Ms. Grace You More articles in Future Internet from MDPI |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.