The Danger Within: Insider Threat Modeling Using Business Process Models

被引：0

作者：

von der Assen, Jan ^{[1
]}

Hochuli, Jasmin ^{[1
]}

Grubl, Thomas ^{[1
]}

Stiller, Burkhard ^{[1
]}

机构：

[1] Univ Zurich UZH, Dept Informat, Commun Syst Grp, CH-8050 Zurich, Switzerland

来源：

2024 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE, CSR | 2024年

关键词：

Threat Modeling; Insider Threats; Risk Management; Business Process Modeling; BPMN;

D O I：

10.1109/CSR61664.2024.10679492

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Threat modeling has been successfully applied to model technical threats within information systems. However, a lack of methods focusing on non-technical assets and their representation can be observed in theory and practice. Following the voices of industry practitioners, this paper explored how to model insider threats based on business process models. Hence, this study developed a novel insider threat knowledge base and a threat modeling application that leverages Business Process Modeling and Notation (BPMN). Finally, to understand how well the theoretic knowledge and its prototype translate into practice, the study conducted a real-world case study of an IT provider's business process and an experimental deployment for a real voting process. The results indicate that even without annotation, BPMN diagrams can be leveraged to automatically identify insider threats in an organization.

引用

页码：186 / 192

页数：7

共 50 条

[1] Danger of the insider threat
Infosecurity, 2007, 2 (05)
[2] Business Process Mining based Insider Threat Detection System
Zhu, Taiming
Guo, Yuanbo
Ma, Jun
Ju, Ankang
ADVANCES ON P2P, PARALLEL, GRID, CLOUD AND INTERNET COMPUTING, 2017, 1 : 467 - 478
[3] An insider threat detection method based on business process mining
Zhu, Taiming
Guo, Yuanbo
Ju, Ankang
Ma, Jun
Wang, Xuan
International Journal of Business Data Communications and Networking, 2017, 13 (02): : 83 - 98
[4] Modeling of Insider Threat using Enterprise Automaton
Roy, Puloma
Mazumdar, Chandan
PROCEEDINGS OF 2018 FIFTH INTERNATIONAL CONFERENCE ON EMERGING APPLICATIONS OF INFORMATION TECHNOLOGY (EAIT), 2018,
[5] Modeling variability in business process models using UML
Razavian, Maryam
Khosravi, Ramtin
PROCEEDINGS OF THE FIFTH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: NEW GENERATIONS, 2008, : 82 - 87
[6] Using dynamic models to support inferences of insider threat risk
Paul J. Sticha
Elise T. Axelrad
Computational and Mathematical Organization Theory, 2016, 22 : 350 - 381
[7] Insider threat analysis using information-centric modeling
Ha, D.
Upadhyaya, S.
Ngo, H.
Pramanik, S.
Chinchani, R.
Mathew, S.
ADVANCES IN DIGITAL FORENSIC III, 2007, 242 : 55 - +
[8] Using dynamic models to support inferences of insider threat risk
Sticha, Paul J.
Axelrad, Elise T.
COMPUTATIONAL AND MATHEMATICAL ORGANIZATION THEORY, 2016, 22 (03) : 350 - 381
[9] Modeling the emergence of insider threat vulnerabilities
Martinez-Moyano, Ignacio J.
Rich, Eliot H.
Conrad, Stephen H.
Andersen, David F.
PROCEEDINGS OF THE 2006 WINTER SIMULATION CONFERENCE, VOLS 1-5, 2006, : 562 - +
[10] Weak models for insider threat detection
Thompson, P
SENSORS, AND COMMAND, CONTROL, COMMUNICATIONS, AND INTELLIGENCE(C31) TECHNOLOGIES FOR HOMELAND SECURITY AND HOMELAND DEFENSE III, PTS 1 AND 2, 2004, 5403 : 40 - 48

← 1 2 3 4 5 →