Insider　threat　is　a　significant　security　risk　for　information　system,　and　detection　of　insider　threat　is　a　major　concern　for　information　system　organizers.　Recently　existing　work　mainly　focused　on　the　single　pattern　analysis　of　user　single-domain　behavior,　which　were　not　suitable　for　user　behavior　pattern　analysis　in　multi-domain　scenarios.　However,　the　fusion　of　multidomain　irrelevant　features　may　hide　the　existence　of　anomalies.　Previous　feature　learning　methods　have　relatively　a　large　proportion　of　information　loss　in　feature　extraction.　Therefore,　this　paper　proposes　a　hybrid　model　based　on　the　deep　belief　network　(DBN)　to　detect　insider　threat.　First,　an　unsupervised　DBN　is　used　to　extract　hidden　features　from　the　multi-domain　feature　extracted　by　the　audit　logs.　Secondly,　a　One-Class　SVM　(OCSVM)　is　trained　from　the　features　learned　by　the　DBN.　The　experimental　results　on　the　CERT　dataset　demonstrate　that　the　DBN　can　be　used　to　identify　the　insider　threat　events　and　it　provides　a　new　idea　to　feature　processing　for　the　insider　threat　detection.