Intellectual Property India Publishes Patent Application for 'Synergistic User Activity Based Insider Threat Detection Using Novel Feature Sets And Stacking Ensemble Learning' Filed by Smita Upendra Gumaste; Prof. Ganapati A. Patil; and Prof. Umesh L. Kulkarni

MUMBAI, India, Feb. 13 -- Intellectual Property India has published a patent application (202521118395 A) filed by Smita Upendra Gumaste; Prof. Ganapati A. Patil; and Prof. Umesh L. Kulkarni, Pune, Maharashtra, on Nov. 27, 2025, for 'synergistic user activity based insider threat detection using novel feature sets and stacking ensemble learning.'

Inventor(s) include Smita Upendra Gumaste; Prof. Ganapati A. Patil; and Prof. Umesh L. Kulkarni.

The application for the patent was published on Feb. 13, under issue no. 07/2026.

According to the abstract released by the Intellectual Property India: "The invention relates to a computer-implemented system and method for detecting insider security threats through synergistic analysis of user activities. Heterogeneous data sources, including authentication logs, host events, file operations, email metadata, web browsing records, removable device connections, directory information and psychometric profiles, are collected and preprocessed to construct unified timelines of user behaviour. A feature engineering engine derives novel multi-granular feature sets capturing temporal, statistical, relational, rhythm-based and contextual characteristics of users and entities. The system employs a stacking ensemble model comprising diverse base learners, such as anomaly detectors, sequence models and supervised classifiers, whose outputs are combined by a meta-learner to generate calibrated insider risk scores. Training incorporates imbalance-handling techniques to address the rarity of malicious insider events and robustness measures against noise and missing values. An adaptive thresholding component converts risk scores into prioritized alerts, while an explanation module exposes feature importance and behavioural indicators to security analysts, enabling transparent triage and investigation. The disclosed approach improves detection accuracy, reduces false positives, and adapts to evolving insider behaviours. The invention is applicable to enterprise environments, critical infrastructures and cloud deployments, and can be integrated with existing security information and event management or user and entity behaviour analytics platforms."

Disclaimer: Curated by HT Syndication.