The Danger Within: Insider Threat Modeling Using Business Process Models

Cited by: 0
Authors
von der Assen, Jan [1]
Hochuli, Jasmin [1]
Grubl, Thomas [1]
Stiller, Burkhard [1]
Affiliation
[1] Univ Zurich UZH, Dept Informat, Commun Syst Grp, CH-8050 Zurich, Switzerland
Keywords
Threat Modeling; Insider Threats; Risk Management; Business Process Modeling; BPMN;
DOI
10.1109/CSR61664.2024.10679492
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Subject classification code
0812 ;
Abstract
Threat modeling has been successfully applied to model technical threats within information systems. However, a lack of methods focusing on non-technical assets and their representation can be observed in theory and practice. Following the voices of industry practitioners, this paper explored how to model insider threats based on business process models. Hence, this study developed a novel insider threat knowledge base and a threat modeling application that leverages Business Process Modeling and Notation (BPMN). Finally, to understand how well the theoretic knowledge and its prototype translate into practice, the study conducted a real-world case study of an IT provider's business process and an experimental deployment for a real voting process. The results indicate that even without annotation, BPMN diagrams can be leveraged to automatically identify insider threats in an organization.
Pages: 186-192
Page count: 7