2025_EML Capstone Projects

8. Implementation and Results The implementation process included rule-based detection rules developed in Python and synthetic data creation with 1000 records and 20 injected anomalies. Isolation Forest model achieving 95% detection accuracy and also flask dashboard visualizing risk scores and user level anomalies. In addition to 95% detection accuracy with Isolation Forest, there has been significant reduction in false positives through model tuning. Besides real-time dashboard with user level threat visibility, the implementation process was fully compliant with HIPAA/FISMA via synthetic datasets and audit logs. Finally, the completion of system architecture documentation and executive briefing was part of the implementation.

Key performance indicators (KPIs)

Metric

Standard / target

Outcome

Insider threat detection accuracy

≥90%

95% accuracy

False Positive Rate

<10%

It was improved with machine learning tuning but was high initially due to rules. Synthetic data and audit trails used. Fully compliant. Accomplished with iterative design

Compliance Adherence

100% HIPAA/FISMA compliant

Dashboard Score prototype Positive feedback

System Transparency

Low due to black-box resistance

Rule layering and user interface activity logs

Project Completion Timeliness

Capstone project completed by deadline

Completed on time, despite minor phased delays.

Project Outcome: Demo sessions received positive feedback from stakeholders and improved the adoption of machine learning models. Enhanced trust among non-technical stakeholders and improved response to change communication. Future recommendations include formalizing this network and training champions to lead peer education and feedback loops during scale-up.

System Architecture is as illustrated below table:

Back to Table of Contents