Development of a smart personnel security system using machine learning

Abstract

Insider threats remain one of the most challenging aspects of organizational security, particularly in the era of digital transformation and widespread remote access to sensitive data. This study proposes a machine learning–based approach to personnel security that combines Isolation Forest and Local Outlier Factor algorithms with behavioral features enhanced through the use of large language models (LLMs). To improve detection accuracy, user web activity was classified using LLM-generated labels derived from website content analysis. Experimental results demonstrate strong model performance in identifying insider activity at the user level, with high detection accuracy and minimal false classifications. In addition, time-to-detection analysis revealed that most insider threats were identified before or shortly after the onset of malicious behavior. The findings suggest that the proposed system is not only effective in capturing behavioral anomalies but also feasible for real-time deployment in enterprise environments.