Journal of Cybersecurity and Information Management JCIM 2690-6775 2769-7851 10.54216/JCIM https://www.americaspg.com/journals/show/2780 2019 2019 Insider Threat Detection: Exploring User Event Behavior Analytics and Machine Learning in Security Reviews Department of Computer Sciences, College of Computer and Information Sciences, Majmaah University, Majmaah, 11952, Saudi Arabia Ruba Ruba Department of Computer Sciences, College of Computer and Information Sciences, Majmaah University, Majmaah, 11952, Saudi Arabia Hanan AlShaher With the exponential increase in technology use, insider threats are also growing in scale and importance, becoming one of the biggest challenges for government and corporate information security. Recent research shows that insider threats are more costly than external threats, making it critical for organizations to protect their information security. Effective insider threat detection requires the use of the latest models and technologies. Although a large number of insider threats have been discovered, the field is still limited by many issues, such as data imbalance, false positives, and a lack of accurate data, which require further research. This survey investigates the existing approaches and technologies for insider threat detection. It finds and summarizes relevant studies from different databases, followed by a detailed comparison. It also examines the types of data used and the machine learning models employed to detect these threats. It discusses the challenges researchers face in detecting insider threats and future trends in the field. 2024 2024 171 181 10.54216/JCIM.130213 https://www.americaspg.com/articleinfo/2/show/2780