A Unite and Conquer Based Ensemble learning Method for User Behavior Modeling

IT companies use tools to analyze user and entity behavior to protect their information assets from insider threats. Although supervised machine learning methods seem to be the ideal solution for solving this problem, situations in which new employee activity data is labeled and balanced, are not so common. Besides, the data can have different origins, structures, and can be substantial. Therefore, it’s difficult for a specific detection model to deal with and identify insiders in all cases effectively. To provide a solution to this problem, we are faced with methodological, algorithmic, and technological challenges. In this article, we try to meet these challenges by proposing a new approach based on ensemble learning methods to improve their performances from the point of view of accuracy and computation efficiency. With the detection of behavioral anomalies as a case study, we show the interest of this approach for its improvement of the prediction results and its efficacy on a high-performance computing system.