An Integrated Machine Learning and Deep Learning Framework for Insider Threat Detection in Healthcare EHR Logs

  • Sumathy Kingslin, Associate Professor, Department of Computer Science, Quaid-E-Millath Govt College for Women (A), Chennai, India
  • Thasleem R, Research Scholar, Department of Computer Science, Quaid-E-Millath Govt College for Women (A), Chennai, India
Keywords: Insider Threat Detection, Healthcare Cybersecurity, Hybrid Learning, Machine Learning, Deep Learning, LSTM, Electronic Health Records

Abstract

Insider threats pose a significant security challenge to healthcare organizations due to privileged access to sensitive Electronic Health Record (EHR) systems. While machine learning and deep learning techniques have been independently applied for insider threat detection, each approach has inherent limitations in modeling complex healthcare access behavior. This paper proposes an integrated hybrid machine learning–deep learning framework for insider threat detection in healthcare EHR logs. The framework combines traditional machine learning models for structured feature learning with Long Short-Term Memory (LSTM) networks for capturing temporal user behavior patterns. The proposed approach is evaluated using the CERT insider threat dataset and simulated healthcare EHR logs. Experimental results demonstrate that the hybrid model consistently outperforms standalone machine learning and deep learning models in terms of accuracy, precision, recall, F1-score, and AUC. The findings highlight the effectiveness of hybrid learning strategies in improving insider threat detection performance in dynamic healthcare environments.

Published
2026-02-27