AI-POWERED INSIDER THREAT DETECTION & EMPLOYEE MONITORING SYSTEM

Abstract

Insider threats pose a significant challenge in modern cybersecurity, as they often bypass traditional security measures
due to their subtle nature and legitimate access privileges. This paper presents an AI-driven detection system that integrates the
open-source Wazuh SIEM platform with behavioral analytics and machine learning techniques to effectively identify such
threats.
Using the CERT Insider Threat Dataset along with real-time log collection, the system applies supervised learning models to
detect unusual user behavior patterns. It assigns dynamic risk scores to users and generates actionable alerts, enabling timely
intervention and mitigation. The proposed framework is designed with a modular architecture, ensuring scalability and
adaptability across different environments. The system also incorporates advanced visualization techniques for better threat
analysis and monitoring. By continuously learning from new data, it improves detection accuracy and significantly reduces false
positives. Overall, the approach demonstrates strong potential in proactively identifying insider threats and enhancing
organizational security.