This research presents a deep learning-based system for detecting insider threats within organizations by analyzing user behavior patterns. The proposed model utilizes a hybrid approach combining Convolutional Neural Networks (CNN) and Autoencoders to identify anomalous and malicious activities. The system considers features such as login activity, file access count, USB usage, and email communication. The dataset is preprocessed and transformed into feature vectors, followed by anomaly detection using autoencoders and classification using CNN. Experimental results show an accuracy of approximately 85–90%, demonstrating strong performance in identifying normal user behavior. However, due to class imbalance, the model shows limitations in detecting insider threat cases effectively. The system generates risk scores and alerts for high-risk employees, enabling proactive monitoring and early detection. This work highlights the effectiveness of deep learning techniques in cybersecurity while emphasizing the need for handling imbalanced datasets and improving detection of rare threat events.
Kulkarni et al. studied this question.
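The class-imbalance limitation described above, as an added example (not the authors' code or data): a per-feature z-score risk score stands in for the autoencoder's reconstruction error, and the feature names, vectors and thresholds are constructed assumptions. It shows how accuracy in the reported 85–90% range can coexist with most insider cases being missed.

```python
import math

# Assumed names for the four behaviour features the abstract lists.
FEATURES = ("offhours_logins", "file_accesses", "usb_events", "emails_sent")

# Constructed per-user feature vectors (not the paper's dataset).
BASELINE = [(0, 40, 0, 20), (2, 60, 2, 30), (0, 60, 0, 30), (2, 40, 2, 20)]
NORMAL = ([(1, 50, 1, 25)] * 6 + [(2, 60, 2, 30)] * 5
          + [(0, 40, 0, 20)] * 5 + [(3, 70, 1, 25)])            # 17 users
INSIDER = [(6, 120, 9, 25), (3, 65, 2, 30), (2, 70, 3, 25)]     # 3 users
TEST = [(v, 0) for v in NORMAL] + [(v, 1) for v in INSIDER]


def fit_baseline(rows):
    """Per-feature mean and population std of known-normal behaviour."""
    n = len(rows)
    cols = list(zip(*rows))
    means = [sum(c) / n for c in cols]
    stds = [math.sqrt(sum((x - m) ** 2 for x in c) / n) or 1.0
            for c, m in zip(cols, means)]
    return means, stds


def risk_score(vec, means, stds):
    """Mean squared z-score; a stand-in for autoencoder reconstruction error."""
    return sum(((x - m) / s) ** 2 for x, m, s in zip(vec, means, stds)) / len(vec)


def evaluate(test, means, stds, threshold):
    """Alert when score > threshold; report accuracy beside threat-class metrics."""
    tp = fp = tn = fn = 0
    for vec, label in test:
        alert = risk_score(vec, means, stds) > threshold
        tp += alert and label == 1
        fp += alert and label == 0
        fn += (not alert) and label == 1
        tn += (not alert) and label == 0
    return {"accuracy": (tp + tn) / len(test),
            "recall": tp / (tp + fn) if tp + fn else 0.0,
            "precision": tp / (tp + fp) if tp + fp else 0.0,
            "alerts": tp + fp}


if __name__ == "__main__":
    means, stds = fit_baseline(BASELINE)
    for thr in (math.inf, 4.0, 1.9):   # never alert, strict, sensitive
        print(thr, evaluate(TEST, means, stds, thr))
```

Reporting recall and precision on the threat class alongside accuracy makes the gap visible: on this constructed set, never alerting at all already scores 85% accuracy.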