<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">sibsutis</journal-id><journal-title-group><journal-title xml:lang="ru">Вестник СибГУТИ</journal-title><trans-title-group xml:lang="en"><trans-title>The Herald of the Siberian State University of Telecommunications and Information Science</trans-title></trans-title-group></journal-title-group><issn pub-type="ppub">1998-6920</issn><publisher><publisher-name>СибГУТИ</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.55648/1998-6920-2026-20-2-3-15</article-id><article-id custom-type="elpub" pub-id-type="custom">sibsutis-1058</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>Статьи</subject></subj-group></article-categories><title-group><article-title>Приватно-сохраняющее обнаружение вторжений в корпоративных сетях на основе федеративного обучения и дифференциально-приватного глубокого обучения</article-title><trans-title-group xml:lang="en"><trans-title>Privacy-preserving intrusion detection in corporate networks via federated and differentially private deep learning</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0009-0002-6226-0054</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Кайюм</surname><given-names>Абдул</given-names></name><name name-style="western" xml:lang="en"><surname>Qayyum</surname><given-names>Abdul</given-names></name></name-alternatives><bio xml:lang="ru"><p>Postgraduate student, ITMO University (Saint Petersburg National Research University of Information Technologies, Mechanics and Optics) (197101, Russia, Saint Petersburg) e-mail: qayyum068@gmail.com  ORCID: 0009-0002-6226-0054.</p></bio><bio xml:lang="en"><p>PhD student, Faculty of Information Security Technologies, ITMO University (Saint Petersburg National Research University of Information Technologies, Mechanics and Optics), St. Petersburg, Russia. ORCID: 0009-0002-6226-0054.</p></bio><email xlink:type="simple">qayyum068@gmail.com</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Мусса</surname><given-names>Хамид Идрис</given-names></name><name name-style="western" xml:lang="en"><surname>Mussa</surname><given-names>Hamid Idris</given-names></name></name-alternatives><bio xml:lang="ru"><p>Master's degree (ITMO University), ITMO University (St. Petersburg National Research University of Information Technologies, Mechanics and Optics) (197101, Russia, St. Petersburg) e-mail: haidturkey@outlook.com</p></bio><bio xml:lang="en"><p>M.Sc. (ITMO University), ITMO University (Saint Petersburg National Research University of Information Technologies, Mechanics and Optics) (197101, Russia, St. Petersburg)</p></bio><email xlink:type="simple">haidturkey@outlook.com</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0009-0000-4133-2923</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Ибрагим</surname><given-names>Халил</given-names></name><name name-style="western" xml:lang="en"><surname>Ibrahim</surname><given-names>Khalil</given-names></name></name-alternatives><bio xml:lang="ru"><p>Postgraduate student, ITMO University (Saint Petersburg National Research University of Information Technologies, Mechanics and Optics) (197101, Russia, Saint Petersburg) e-mail: khalil.ibrahim129@yahoo.com  ORCID: 0009-0000-4133-2923.</p></bio><bio xml:lang="en"><p>PhD student, ITMO University (Saint Petersburg National Research University of Information Technologies, Mechanics and Optics) (197101, Russia, St. Petersburg)</p></bio><email xlink:type="simple">khalil.ibrahim129@yahoo.com</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0002-0924-6221</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Беззатеев</surname><given-names>Сергей Валентинович</given-names></name><name name-style="western" xml:lang="en"><surname>Bezzateev</surname><given-names>Sergey Valentinovich</given-names></name></name-alternatives><bio xml:lang="ru"><p>Doctor of Engineering Sciences, Associate Professor, Associate Professor, ITMO University (Saint Petersburg National Research University of Information Technologies, Mechanics and Optics) (197101, Russia, Saint Petersburg) e-mail: bsv@guap.ru ORCID: 0000-0002-0924-6221.</p></bio><bio xml:lang="en"><p>D.Sc., Associate Professor, Associate Professor, ITMO University (Saint Petersburg National Research University of Information Technologies, Mechanics and Optics) (197101, Russia, St. Petersburg) e-mail: bsv@guap.ru  ORCID: 0000-0002-0924-6221.</p></bio><email xlink:type="simple">bsv@guap.ru</email><xref ref-type="aff" rid="aff-2"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru"><institution>Санкт-Петербургский национальный исследовательский университет информационных технологий, механики и оптики</institution><country>Россия</country></aff><aff xml:lang="en"><institution>Saint Petersburg National Research University of Information Technologies, Mechanics and Optics</institution><country>Russian Federation</country></aff></aff-alternatives><aff-alternatives id="aff-2"><aff xml:lang="ru"><institution>Санкт-Петербургский государственный университет аэрокосмического приборостроения</institution><country>Россия</country></aff><aff xml:lang="en"><institution>Saint-Petersburg State University of Aerospace Instrumentation</institution><country>Russian Federation</country></aff></aff-alternatives><pub-date pub-type="collection"><year>2026</year></pub-date><pub-date pub-type="epub"><day>22</day><month>06</month><year>2026</year></pub-date><volume>20</volume><issue>2</issue><issue-title>Вестник СибГУТИ</issue-title><fpage>3</fpage><lpage>15</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Кайюм А., Мусса Х.И., Ибрагим Х., Беззатеев С.В., 2026</copyright-statement><copyright-year>2026</copyright-year><copyright-holder xml:lang="ru">Кайюм А., Мусса Х.И., Ибрагим Х., Беззатеев С.В.</copyright-holder><copyright-holder xml:lang="en">Qayyum A., Mussa H.I., Ibrahim K., Bezzateev S.V.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://vestnik.sibsutis.ru/jour/article/view/1058">https://vestnik.sibsutis.ru/jour/article/view/1058</self-uri><abstract><p>Централизованное обнаружение вторжений в распределённых корпоративных инфраструктурах (филиальные сети, удалённые офисы и промышленный/корпоративный IoT) создаёт ограничения по приватности и соблюдению требований (комплаенсу), поскольку требует централизации конфиденциальной телеметрии. В работе исследуется приватно-сохраняющий дизайн IDS на основе федеративного обучения (FL) с дифференциально-приватным локальным обучением (DP-SGD). Клиенты обучаются локально на признаках, извлечённых из сетевых потоков, и структурированной событийной телеметрии, а координатору для агрегации передаются только обновления модели. Мы оцениваем бюджет приватности (ε, δ) с использованием учёта приватности на основе RDP и качество обнаружения по метрикам Accuracy и Macro-F1. Эксперименты на CICIDS 2018 и наборе данных CERT Insider Threat v6.2 демонстрируют ожидаемый компромисс «приватность–полезность»: обучение с DP снижает полезность по сравнению с не-приватным централизованным обучением, а FL с DP обычно приводит к дополнительному снижению при гетерогенных (non-IID) разбиениях клиентов, оставаясь практичным при явных бюджетах приватности (основное сравнение: ε ≈ 1.8-2.0). Также приводятся эксплуатационные показатели, релевантные для SOC: время обучения, пиковое потребление памяти, задержка вывода (inference) и размер модели, а также сравнение с базовыми моделями Random Forest и XGBoost.</p></abstract><trans-abstract xml:lang="en"><p>Centralized intrusion detection in distributed corporate infrastructures (branches, remote offices, and enterprise/industrial IoT) creates privacy and compliance constraints because it requires centralizing sensitive telemetry. We study a privacy-preserving IDS design based on federated learning (FL) with differentially private local training (DP-SGD). Clients train locally on flow-derived features and structured event telemetry, and only model updates are shared with a coordinator for aggregation. We report the privacy budget (ε, δ) using an RDP accountant and evaluate detection quality using Accuracy and Macro-F1. Experiments on CICIDS 2018 and the CERT Insider Threat v6.2 dataset show the expected privacy-utility tradeoff: DP training reduces utility compared to non-private centralized learning, and FL with DP typically incurs an additional decrease under heterogeneous (non-IID) client partitions, while remaining practical at explicit privacy budgets (main comparison: ε ≈ 1.8 -2.0). We also report SOC-relevant operational indicators: training time, peak memory usage, inference latency, and model size-and compare against Random Forest and XGBoost baselines.</p></trans-abstract><kwd-group xml:lang="ru"><kwd>обнаружение вторжений</kwd><kwd>федеративное обучение</kwd><kwd>дифференциальная приватность</kwd><kwd>DP-SGD</kwd><kwd>безопасная агрегация</kwd><kwd>инсайдерские угрозы</kwd><kwd>информационная безопасность</kwd><kwd>корпоративные сети</kwd><kwd>центр мониторинга и реагирования на инциденты (SOC)</kwd></kwd-group><kwd-group xml:lang="en"><kwd>Intrusion Detection</kwd><kwd>Federated Learning</kwd><kwd>Differential Privacy</kwd><kwd>DP-SGD</kwd><kwd>Secure Aggregation</kwd><kwd>Insider Threats</kwd><kwd>Information Security</kwd><kwd>Corporate Networks</kwd><kwd>Security Operations Center (SOC)</kwd></kwd-group><funding-group><funding-statement xml:lang="ru">Работа выполнена в рамках государственного задания (проект FSER-2025-0003).</funding-statement><funding-statement xml:lang="en">The work was performed within the framework of the state assignment (project FSER-2025-0003)</funding-statement></funding-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Buczak A.L., Guven E. A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys &amp; Tutorials, 2016, vol. 18, no. 2, pp. 1153–1176. doi:10.1109/COMST.2015.2494502.</mixed-citation><mixed-citation xml:lang="en">References</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">Scarfone K., Mell P. Guide to Intrusion Detection and Prevention Systems (IDPS). NIST Special Publication 800-94. National Institute of Standards and Technology, 2007. doi:10.6028/NIST.SP.800-94.</mixed-citation><mixed-citation xml:lang="en">Buczak A.L., Guven E. A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys &amp; Tutorials, 2016, vol. 18, no. 2, pp. 1153–1176. doi:10.1109/COMST.2015.2494502.</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">McMahan H.B., Moore E., Ramage D., Hampson S., Agüera y Arcas B. Communication-efficient learning of deep networks from decentralized data. In: Proceedings of AISTATS, 2017. arXiv:1602.05629. doi:10.48550/arXiv.1602.05629.</mixed-citation><mixed-citation xml:lang="en">Scarfone K., Mell P. Guide to Intrusion Detection and Prevention Systems (IDPS). NIST Special Publication 800-94. National Institute of Standards and Technology, 2007. doi:10.6028/NIST.SP.800-94.</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Kairouz P., McMahan H.B., Avent B., et al. Advances and open problems in federated learning. Foundations and Trends in Machine Learning, 2021, vol. 14, no. 1–2, pp. 1–210. doi:10.1561/2200000083.</mixed-citation><mixed-citation xml:lang="en">McMahan H.B., Moore E., Ramage D., Hampson S., Agüera y Arcas B. Communication-efficient learning of deep networks from decentralized data. In: Proceedings of AISTATS, 2017. arXiv:1602.05629. doi:10.48550/arXiv.1602.05629.</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Lazzarini R., Tianfield H., Charissis V. Federated learning for IoT intrusion detection. AI, 2023, vol. 4, no. 3, pp. 509–530. doi:10.3390/ai4030028.</mixed-citation><mixed-citation xml:lang="en">Kairouz P., McMahan H.B., Avent B., et al. Advances and open problems in federated learning. Foundations and Trends in Machine Learning, 2021, vol. 14, no. 1–2, pp. 1–210. doi:10.1561/2200000083.</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">Chen J., Yan H., Liu Z., Zhang M., Xiong H., Yu S. When federated learning meets privacy-preserving computation. ACM Computing Surveys, 2024, vol. 56, no. 12, pp. 1–36. doi:10.1145/3679013.</mixed-citation><mixed-citation xml:lang="en">Lazzarini R., Tianfield H., Charissis V. Federated learning for IoT intrusion detection. AI, 2023, vol. 4, no. 3, pp. 509–530. doi:10.3390/ai4030028.</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Zhu L., Liu Z., Han S. Deep leakage from gradients. In: Advances in Neural Information Processing Systems (NeurIPS 2019), 33rd Conference on Neural Information Processing Systems, Vancouver, Canada, 2019, pp. 14747–14756. Available at: https://proceedings.neurips.cc/paper_files/paper/2019/file/60a6c4002cc7b29142def8871531281a-Paper.pdf</mixed-citation><mixed-citation xml:lang="en">Chen J., Yan H., Liu Z., Zhang M., Xiong H., Yu S. When federated learning meets privacy-preserving computation. ACM Computing Surveys, 2024, vol. 56, no. 12, pp. 1–36. doi:10.1145/3679013.</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">Geiping J., Bauermeister H., Dröge H., Moeller M. Inverting gradients – how easy is it to break privacy in federated learning? arXiv:2007.05657, 2020. doi:10.48550/arXiv.2007.05657.</mixed-citation><mixed-citation xml:lang="en">Zhu L., Liu Z., Han S. Deep leakage from gradients. In: Advances in Neural Information Processing Systems (NeurIPS 2019), 33rd Conference on Neural Information Processing Systems, Vancouver, Canada, 2019, pp. 14747–14756. Available at: https://proceedings.neurips.cc/paper_files/paper/2019/file/60a6c4002cc7b29142def8871531281a-Paper.pdf</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">Shokri R., Stronati M., Song C., Shmatikov V. Membership inference attacks against machine learning models. 2017 IEEE Symposium on Security and Privacy (SP), 2017, pp. 3–18. doi:10.1109/SP.2017.41.</mixed-citation><mixed-citation xml:lang="en">Geiping J., Bauermeister H., Dröge H., Moeller M. Inverting gradients – how easy is it to break privacy in federated learning? arXiv:2007.05657, 2020. doi:10.48550/arXiv.2007.05657.</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">Nasr M., Shokri R., Houmansadr A. Comprehensive privacy analysis of deep learning: passive and active white-box inference attacks against centralized and federated learning. 2019 IEEE Symposium on Security and Privacy (SP), 2019. doi:10.1109/SP.2019.00065.</mixed-citation><mixed-citation xml:lang="en">Shokri R., Stronati M., Song C., Shmatikov V. Membership inference attacks against machine learning models. 2017 IEEE Symposium on Security and Privacy (SP), 2017, pp. 3–18. doi:10.1109/SP.2017.41.</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Dwork C., Roth A. The algorithmic foundations of differential privacy. Foundations and Trends in Theoretical Computer Science, 2014, vol. 9, no. 3–4, pp. 211–407. doi:10.1561/0400000042.</mixed-citation><mixed-citation xml:lang="en">Nasr M., Shokri R., Houmansadr A. Comprehensive privacy analysis of deep learning: passive and active white-box inference attacks against centralized and federated learning. 2019 IEEE Symposium on Security and Privacy (SP), 2019. doi:10.1109/SP.2019.00065.</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">Abadi M., Chu A., Goodfellow I., et al. Deep learning with differential privacy. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS), 2016, pp. 308–318. doi:10.1145/2976749.2978318.</mixed-citation><mixed-citation xml:lang="en">Dwork C., Roth A. The algorithmic foundations of differential privacy. Foundations and Trends in Theoretical Computer Science, 2014, vol. 9, no. 3–4, pp. 211–407. doi:10.1561/0400000042.</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">Mironov I. Rényi differential privacy. 2017 IEEE 30th Computer Security Foundations Symposium (CSF), 2017, pp. 263–275. doi:10.1109/CSF.2017.11.</mixed-citation><mixed-citation xml:lang="en">Abadi M., Chu A., Goodfellow I., et al. Deep learning with differential privacy. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS), 2016, pp. 308–318. doi:10.1145/2976749.2978318.</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">Wang Y.-X., Balle B., Kasiviswanathan S.P. Subsampled Rényi differential privacy and analytical moments accountant. In: Proceedings of the 22nd International Conference on Artificial Intelligence and Statistics (AISTATS 2019). PMLR, vol. 89, 2019. Available at: https://proceedings.mlr.press/v89/wang19a.html</mixed-citation><mixed-citation xml:lang="en">Mironov I. Rényi differential privacy. 2017 IEEE 30th Computer Security Foundations Symposium (CSF), 2017, pp. 263–275. doi:10.1109/CSF.2017.11.</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">Geyer R.C., Klein T., Nabi M. Differentially private federated learning: a client level perspective. arXiv:1712.07557, 2017. doi:10.48550/arXiv.1712.07557.</mixed-citation><mixed-citation xml:lang="en">Wang Y.-X., Balle B., Kasiviswanathan S.P. Subsampled Rényi differential privacy and analytical moments accountant. In: Proceedings of the 22nd International Conference on Artificial Intelligence and Statistics (AISTATS 2019). PMLR, vol. 89, 2019. Available at: https://proceedings.mlr.press/v89/wang19a.html</mixed-citation></citation-alternatives></ref><ref id="cit16"><label>16</label><citation-alternatives><mixed-citation xml:lang="ru">Bonawitz K., Ivanov V., Kreuter B., et al. Practical secure aggregation for privacy-preserving machine learning. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS), 2017, pp. 1175–1191. doi:10.1145/3133956.3133982.</mixed-citation><mixed-citation xml:lang="en">Geyer R.C., Klein T., Nabi M. Differentially private federated learning: a client level perspective. arXiv:1712.07557, 2017. doi:10.48550/arXiv.1712.07557.</mixed-citation></citation-alternatives></ref><ref id="cit17"><label>17</label><citation-alternatives><mixed-citation xml:lang="ru">Bagdasaryan E., Veit A., Hua Y., Estrin D., Shmatikov V. How to backdoor federated learning. In: Proceedings of AISTATS, 2020. arXiv:1807.00459. doi:10.48550/arXiv.1807.00459.</mixed-citation><mixed-citation xml:lang="en">Bonawitz K., Ivanov V., Kreuter B., et al. Practical secure aggregation for privacy-preserving machine learning. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS), 2017, pp. 1175–1191. doi:10.1145/3133956.3133982.</mixed-citation></citation-alternatives></ref><ref id="cit18"><label>18</label><citation-alternatives><mixed-citation xml:lang="ru">Sharafaldin I., Lashkari A.H., Ghorbani A.A. Toward generating a new intrusion detection dataset and intrusion traffic characterization. Proceedings of ICISSP, 2018, pp. 108–116. doi:10.5220/0006639801080116.</mixed-citation><mixed-citation xml:lang="en">Bagdasaryan E., Veit A., Hua Y., Estrin D., Shmatikov V. How to backdoor federated learning. In: Proceedings of AISTATS, 2020. arXiv:1807.00459. doi:10.48550/arXiv.1807.00459.</mixed-citation></citation-alternatives></ref><ref id="cit19"><label>19</label><citation-alternatives><mixed-citation xml:lang="ru">Canadian Institute for Cybersecurity, University of New Brunswick. CSE-CIC-IDS2018 Dataset. Electronic resource. Available at: https://www.unb.ca/cic/datasets/ids-2018.html</mixed-citation><mixed-citation xml:lang="en">Sharafaldin I., Lashkari A.H., Ghorbani A.A. Toward generating a new intrusion detection dataset and intrusion traffic characterization. Proceedings of ICISSP, 2018, pp. 108–116. doi:10.5220/0006639801080116.</mixed-citation></citation-alternatives></ref><ref id="cit20"><label>20</label><citation-alternatives><mixed-citation xml:lang="ru">CERT Division, Software Engineering Institute, Carnegie Mellon University. Insider Threat Test Dataset (CERT), version 6.2. Electronic resource. Available at: https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=508099</mixed-citation><mixed-citation xml:lang="en">Canadian Institute for Cybersecurity, University of New Brunswick. CSE-CIC-IDS2018 Dataset. Electronic resource. Available at: https://www.unb.ca/cic/datasets/ids-2018.html</mixed-citation></citation-alternatives></ref><ref id="cit21"><label>21</label><citation-alternatives><mixed-citation xml:lang="ru">CERT Division, Software Engineering Institute, Carnegie Mellon University. Insider Threat Test Dataset (CERT), version 6.2. Electronic resource. Available at: https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=508099</mixed-citation><mixed-citation xml:lang="en">CERT Division, Software Engineering Institute, Carnegie Mellon University. Insider Threat Test Dataset (CERT), version 6.2. Electronic resource. Available at: https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=508099</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
