AI Lessons Learned from Experiments in Insider Threat Detection

Alexander Liu, Cheryl Martin, Tom Hetherington, Sara Matzner

Although AI has been successfully applied to many different domains with different characteristics, the task of applying a solution that is successful in one problem domain to a different domain remains far from automatic. Even the simpler task of applying a solution to a related but different domain is problematic. In this paper, we discuss various problems that can occur when trying to solve a classification problem in a new problem domain (insider threat) by trying previously successful approaches in a related problem domain (intrusion detection). We examine in depth why our results in the new problem domain did not reflect the successes from the previous domain. We conclude with various lessons learned that can be used when approaching a new problem domain.

This page is copyrighted by AAAI. All rights reserved. Your use of this site constitutes acceptance of all of AAAI's terms and conditions and privacy policy.