Enhancing Intrusion Detection Systems: A Unified Framework Leveraging User Personality Behavior Analysis to Detect Insider Threats and Social Engineering Attacks through Deep Learning

Insider threats and social engineering attacks (SEAs) pose significant challenges in cybersecurity (CS), often resulting in data breaches and substantial financial losses. Insider actions, whether intentional or unintentional, can lead to severe costs for organizations. Despite the implementation of multiple detection strategies, human errors continue to play a significant role in financial losses and the increased risk of data breaches. Traditional intrusion detection systems (IDS) focus primarily on network and host activities but tend to overlook the critical role of human behavior, which limits their ability to detect insider threats and SEAs effectively. This article proposes a novel and unified detection approach that integrates network detection, host-based detection, and user psychological behavior analysis to enhance IDS performance. The primary objective of this research is to improve the detection capabilities of conventional IDS by incorporating psychometric analysis of user behavior. Using psychological insights of humans and correlating them with cyber threat vulnerabilities, this approach aims to reduce false alarms and increase the accuracy of threat detection. To achieve this, we utilize deep neural networks (DNNs). Our unified detection framework integrates datasets, including threat intelligence and psychometric dataset, to enhance the identification of malicious activities and improve the overall detection performance. We evaluate the effectiveness of our model using accuracy, precision, recall, and F1-score metrics, then comparing our results to those of existing detection models. Our findings demonstrate promising results, highlighting the importance of incorporating psychological factors into threat detection systems to better protect organizational resources from evolving cyber risks. By integrating user behavior analysis with established detection methods, we strengthen the capabilities of traditional IDS. However, given the ever-growing complexity of modern cyber threats, continued innovation in threat mitigation strategies is essential.